0

I am trying to make an application that should not portable between computers or
between users of the same computer.
Which is the best way to do this?

edit: By not portable I meant, the application should not be usable without installing it. ie) moving the installed folder to a different computer or different user login of the same computer.

How can we get an id that is always unique to a user login in a computer?.

please excuse my poor english.

nathan
  • 185
  • 1
  • 5

3 Answers3

1

Almost no matter what mechanism you implement, the other user will always be able to decompile the program and route around what prevents running it with relative ease. Two exceptions:

  • Move key functionality + authentication into c modules. This makes circumvention harder, but not impossible

  • Move key functionality + authentication into a call to a program executing on a remote machine that you control. Here the other user needs to re-implement the function(s) based on sample input and output - direct reverse engineering is not possible.

These points are covered in further detail in the answers to the linked-to question. Of course, as some answers point out, you need to determine how much trouble you wish to go to and if it is worth your while to do so. Maybe a naive python native access control is enough deterrant, even if an adept programmer can work around it.

Community
  • 1
  • 1
Lauritz V. Thaulow
  • 49,139
  • 12
  • 73
  • 92
0

If you want only one user to have access you have to create some kind of "login".

That's what registration or activation keys are for.

http://en.wikipedia.org/wiki/Product_key

You include the user name and some machine identification in the key,

S.Lott
  • 384,516
  • 81
  • 508
  • 779
  • I'm mystified why you did not simply link to or even mention [your own second highest rated answer](http://stackoverflow.com/questions/261638/how-do-i-protect-python-code/261727#261727) for this question. :) – Lauritz V. Thaulow Jul 15 '11 at 10:38
  • @lazyr: I don't see the connection between reverse engineering and access controls like an authorization key. What did I miss? – S.Lott Jul 15 '11 at 10:53
  • Now I'm confused. As I see it, there's no point in access controls if you can reverse engineer around them, is there? In principle, that is. In practice it serves as a deterrant, because the user needs a strong incentive to go to the trouble. – Lauritz V. Thaulow Jul 15 '11 at 11:05
  • @lazyr: I don't pretend to understand the question. Access controls can always be circumvented by reverse engineering. Always. It goes without saying. However, many customers prefer to simply buy an access key instead of reverse engineer. If the key is cheap enough, why waste time reverse engineering? And why waste time worrying about reverse engineering when it's always possible? – S.Lott Jul 15 '11 at 12:02
0

Let your installation script copy some modules of your program to user application directory. In your program add that path to sys.path, that import would find your modules.

warvariuc
  • 57,116
  • 41
  • 173
  • 227
  • The whole application is installed in user application directory. It stores some data specific to the user. If the application is moved with the stored data to different user login, it will cause problems to the user. I wanted to prevent this. – nathan Jul 15 '11 at 11:06
  • well, use the idea - install app into several directories. thus, to make it portable someone will have to recreate the app directory structure by himself, not just by copying a single folder. – warvariuc Jul 15 '11 at 11:08
  • or let installation script put app config files in some non-standard location, and make the program not work without those configs. or use both approaches at the same time. – warvariuc Jul 15 '11 at 11:11