1

How do I protect my Python codebase so that guests can't see certain modules but so it still works?

My question is an add on question posted on the page above.

If there are two svn directories; for example, src/private and src/public and internal users will have both public and private directories and things will just work fine.

The public users will have only src/public. Is it possible to import the src/private in init.py even though the user doesn't have it checked out? The user should be able to link to it to resolve any functional dependencies in src/private but, should not be able to view to content of the files.

Are there any other solutions for this problem?

Community
  • 1
  • 1
Nav
  • 11
  • 1

2 Answers2

2

Give it up. It's essentially impossible to keep curious eyes out. For instance, look at the dis module:

import dis
def foo(): print 'bar'
dis.dis(foo)

which would yield:

  1           0 LOAD_CONST               1 ('bar')
              3 PRINT_ITEM          
              4 PRINT_NEWLINE       
              5 LOAD_CONST               0 (None)
              8 RETURN_VALUE

Voila - there are any strings you wanted to hide, simply by importing your modules. There are other modules and services that can do a pretty good job of converting such disassemblies into readable Python code.

What exactly are you trying to accomplish? That is, what specifically are you trying to protect?

Kirk Strauser
  • 30,189
  • 5
  • 49
  • 65
  • What I would like to do is basically the same as the original post. There are some python code (secret sauce) that I would like to safeguard. Temp employees/consultants should only be able to view/work with public code without having access to the private codebase. I understand that people with sole intention to steal the code will find a way but, a the idea is to make it harder for people to do so. The codebase is in svn so, was just wondering if there is a straight forward way to do so, instead of rewriting the code in c/c++ or something else that would require signifiant effort. – Nav Jan 17 '12 at 02:01
2

You can always move core functionality to some C or C++ module, and distribute only the compiled version of the module.

See http://docs.python.org/extending/extending.html

Paulo Scardine
  • 73,447
  • 11
  • 124
  • 153