在Docker中分发python源代码安全吗? [英] Is distributing python source code in Docker secure?
问题描述
我将决定该项目的编程语言。
的要求是一些客户希望在没有外部Internet访问的隔离服务器上运行应用程序。
为此,我需要向他们分发应用程序,并且不能例如,使用在我的云上运行的SaaS方法(我想做的事情...)。
问题是,如果我决定将Python用于开发此程序时,我需要为客户提供易读的代码,这并不是我真正想要做的(当然,我对您是否真的需要保护源代码一类的问题一无所知,但事实并非如此)
我的一位同事告诉我有关Docker的信息。我可以找到许多有关Docker容器安全性的答案。问题是关于保护(隔离)主机使其免受容器中运行的代码的影响。
我需要知道Docker映像中的Python源代码是否在其中运行Docker Container受到访问的保护-用户可以某种方式(不必很容易)访问Python代码吗?
我知道我无法保护所有内容,我知道可以反编译/破解所有内容。我只是想知道答案,只是为了决定在Docker中访问我的代码的方式是否足够困难以至于我可以冒险。
Docker映像是打开并记录的应用程序打包格式。检查图像内容的方法有无数种,包括其中包含的所有python源代码。
在容器内部运行应用程序可将应用程序与转义的应用程序隔离开容器访问主机。它们不会保护您免受主机上检查容器内部情况的用户的攻击。</ p>
I am about to decide on programming language for the project. The requirements are that some of customers want to run application on isolated servers without external internet access.
To do that I need to distribute application to them and cannot use SaaS approach running on, for example, my cloud (what I'd prefer to do...).
The problem is that if I decide to use Python for developing this, I would need to provide customer with easy readable code which is not really what I'd like to do (of course, I know about all that "do you really need to protect your source code" kind of questions but it's out of scope for now).
One of my colleagues told me about Docker. I can find dozen of answers about Docker container security. Problem is all that is about protecting (isolating) host from code running in container.
What I need is to know if the Python source code in the Docker Image and running in Docker Container is secured from access - can user in some way (doesn't need to be easy) access that Python code?
I know I can't protect everything, I know it is possible to decompile/crack everything. I just want to know the answer just to decide whether the way to access my code inside Docker is hard enough that I can take the risk.
Docker images are an open and documented "application packaging" format. There are countless ways to inspect the image contents, including all of the python source code shipped inside of them.
Running applications inside of a container provides isolation from the application escaping the container to access the host. They do not protect you from users on the host inspecting what is occurring inside of the container.
这篇关于在Docker中分发python源代码安全吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
