加密python模块 [英] encrypting python modules

问题描述

你好，


这个问题已经过去多次以过去几年的形式出现了

年但是从来没有在这个论坛中得到解决已经能够了。

给谷歌。


然而，由于有这么多人提出这个问题，我希望有人有一个b $ b做了一个解决方案并且愿意分享它。


问题：我有一个用python编写的客户端 - 服务器应用程序。我想

确保客户端不是：

1）用户不小心或故意丢弃python

文件在路径中不稳定（之后调用帮助台将没有用）

2）扩展了新功能没有我知道它（再次

导致我的服务台打电话...）

3）琐碎反编译。


添加问题，我希望客户能够在我修复错误或创建新功能时自行更新。


我知道我无法阻止一个专门的黑客解构我的代码。

由于所有客户都需要通过服务器我不怕

freeloaders。


我现在考虑用一些代码来覆盖导入，这些代码只会由我签署并加密导入模块。


然而我无法想象我是第一个打算这样做的人。

那么在某个地方有这样的解决方案吗？


Paul Sijben

推荐答案

Paul Sijben< pa ********* @ xs4all.nlwrites：

Paul Sijben <pa*********@xs4all.nlwrites:

我知道我不能阻止专门的黑客装饰修改我的代码。

I know that I can not stop a dedicated hacker deconstructing my code.

这样做的一个直接后果就是你无法阻止*任何人*来自

解构你的代码如果它们拥有它们。只需要一个专门的技术人员破解你的混淆系统就可以了。

为任何感兴趣的人分发一个自动流程。

A direct consequence of this is that you can not stop *anyone* from
deconstructing your code if it''s in their possession. It takes only
one dedicated, skilled person to crack your obfuscation system and
distribute an automated process for doing so to anyone interested.

但是我无法想象我会成为第一个计划这样做的人。那么在某个地方有这样的解决方案吗？

However I can not imagine that I would be the first one planning to
do this. So is there a solution like this available somewhere?

试图使比特不可复制和不可修改就像试图让b / b
水不湿。


-

\两点之间的最短距离低于|

` \ construction。 - Noelie Alito |

_o__）|

Ben Finney

Trying to make bits uncopyable and unmodifiable is like trying to make
water not wet.

--
\ "The shortest distance between two points is under |
`\ construction." -- Noelie Alito |
_o__) |
Ben Finney

2008年1月12日星期六09:47 ：26 +1100 Ben Finney< bi **************** @ benfinney.id.auwrote：

On Sat, 12 Jan 2008 09:47:26 +1100 Ben Finney <bi****************@benfinney.id.auwrote:

Paul Sijben < pa ********* @ xs4all.nlwrites：

Paul Sijben <pa*********@xs4all.nlwrites:

我知道我无法阻止专门的黑客解构我的代码。

I know that I can not stop a dedicated hacker deconstructing my code.

这样做的一个直接后果就是你无法阻止*任何人*来自

解构你的代码如果它们拥有它们。只需要一个专门的技术人员破解你的混淆系统就可以了。

为任何感兴趣的人分发一个自动流程。

A direct consequence of this is that you can not stop *anyone* from
deconstructing your code if it''s in their possession. It takes only
one dedicated, skilled person to crack your obfuscation system and
distribute an automated process for doing so to anyone interested.

除了'不是他想要做的事。

Except that''s not what he''s trying to do.

然而我无法想象我会成为第一个计划这样做的人。那么在某个地方有这样的解决方案吗？

However I can not imagine that I would be the first one planning to
do this. So is there a solution like this available somewhere?

试图使比特不可复制和不可修改就像试图让b / b
水不湿。

Trying to make bits uncopyable and unmodifiable is like trying to make
water not wet.

再一次，这不是他想要做的。他想安排

的东西，这样他就不必支持他的

代码的未修改版本，因为它无法导入修改后的模块。虽然那个'b
仍然是不可能的，但是一旦你决定你想要多么难以实现它，你可以*可能*让它变得那么困难 - 但是

这个过程变得越来越困难和昂贵，因为你需要更加努力。


我认为他正在考虑只有最简单，最便宜的步骤：

添加一个导入钩子，只允许导入数字签名的

模块。如果计划在Windows上部署，他必须在他的应用程序中捆绑一个

python，他可能会在

解释器而不是在python中实现钩子，所以它很难找到。


如果你想付出代价，你可以安排一些东西

，这样数字签名就更容易受到影响攻击向量，

但我希望花费数百万美元这样做。


< mike

-

Mike Meyer< mw*@mired.org> http://www.mired.org/consulting.html

独立网络/ Unix / Perforce顾问，电子邮件以获取更多信息。

And again, that''s not what he''s trying to do. He wants to arrange
things so that he doesn''t have to support unmodified versions of his
code, by making it impossible to import modified modules. While that''s
still impossible, once you decide how difficult you want to make it
for people to do that, you can *probably* make it that difficult - but
the process gets progressively more difficult and expensive as you
make it harder.

I think he''s contemplating only the simplest, least expensive step:
adding an import hook that only allows imports of digitally signed
modules. If planning to deploy on Windows, where he has to bundle a
python with his application, he may well implement the hook in the
interpreter instead of in python, so it''s harder to find.

If you wanted to go to the expense, you could probably arrange things
so that the digital signatures are the more vulnerable attack vectors,
but I''d expect to spend millions of dollars doing so.

<mike
--
Mike Meyer <mw*@mired.org> http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.

On Fri，2008年1月11日10:44:36 +0100，Paul Sijben写道：

On Fri, 11 Jan 2008 10:44:36 +0100, Paul Sijben wrote:

您好，


这个问题已经过去以多种形式反复出现

年但我从未在这个论坛上解决过这个问题。

到谷歌。


然而，由于有这么多人提出这个问题，我希望有人有一个解决方案，并愿意分享它。


问题：我有一个用python编写的客户端 - 服务器应用程序。我想

确保客户端不是：

1）用户不小心或故意丢弃python

文件在路径中不稳定（之后调用帮助台将没有用）

2）扩展了新功能我不知道它（再次

导致我的服务台打电话...）

Hello,

this question has come by repeatedly in several guises over the past
years but has never been solved in this forum as far as I have been able
to Google.

However since so many people are asking the question, I hope someone has
made a solution and is willing to share it.

The problem: I have a client-server app written in python. I want to
make sure that the client is not:
1) destabilized by users accidentally or on purpose dropping python
files in the path (after which calling the helpdesk will not be useful)
2) extended with "new features" without me knowing about it (again
resulting in calls to my helpdesk...)

这些事情*实际发生的频率*经常发生？


那些真正做到这一点的人，有多少人无能为力，当他们发生问题时他们会责怪你呢？ （请记住，你甚至不知道
甚至可以找到非无能的人。）



-

史蒂文

How often do these things *actually* happen?

Of those that actually do it, how many are clueless enough that when they
run into problems they blame you for it? (And remember that you won''t
even find out about the non-clueless ones.)


--
Steven

这篇关于加密python模块的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！