On Wednesday, Apr 4th 2007 at 18:04 -0700, quoth ts-dev:
=>Is it possible to prevent modification of a python file once its been
=>deployed? File permissions of the OS could be used..but that doesn't
=>seem very secure.
=>
=>The root of my question is verifying the integrity of the application
=>
On Apr 4, 10:19 pm, James Stroud <[EMAIL PROTECTED]> wrote:
> You are worrying a little too much. Lets say you are genuinely worried
> about malware
Thanks for the feedback. Perhaps you are correct about being too
worried.. eh, to be honest you probably are.
> Write your program in the language m
On Apr 5, 2:45 am, Thomas Bellman <[EMAIL PROTECTED]> wrote:
> No. To be blunt, it is an effect of you not knowing enough about
> security.
Blunt is good =) I ask question because I don't know. I appreciate
your honesty.
--
http://mail.python.org/mailman/listinfo/python-list
If you are *really* worried about the database being attacked and edited,
encrypt it by private key: require that the user set a password and use that
password every time that s/he accesses the database. I am afraid that you
cannot really prevent the database from being deleted completely, but you
<[EMAIL PROTECTED]> wrote:
> Just throw out the .py files and let it run on the .pyc's alone.
Which are very easily decompilable. :-)
--
Lawrence, oluyede.org - neropercaso.it
"It is difficult to get a man to understand
something when his salary depends on not
understanding it" - Upton Sinclair
"ts-dev" <[EMAIL PROTECTED]> wrote:
> Please correct any wrong assumptions that I might be making..
> In a compiled application its not impossible to by pass the code.. but
> its not so easy.
The huge amount of existing viruses targeting binaries seems to
indicate that binary-only distribution d
Just throw out the .py files and let it run on the .pyc's alone.
~Sean
On Apr 4, 8:03 pm, James Stroud <[EMAIL PROTECTED]> wrote:
> ts-dev wrote:
> > The root of my question is verifying the integrity of the application
> > and the scripts being run.
>
> Google "md5sum". Then google "birthday att
ts-dev wrote:
> On Apr 4, 6:10 pm, Michael Ekstrand <[EMAIL PROTECTED]> wrote:
>
>>One significant factor: are you worried about other
>>users on your systems (or other users who share systems with you under a
>>third party's control), or are you worried about what people will do on
>>their own sy
"ts-dev" <[EMAIL PROTECTED]> writes:
> If the scripts can be modified (very easily), how can the
> application be trusted?
This sounds far more that you don't trust the application *user*.
If that's the case, don't deploy the application such that the user
possesses it. Run it as a service on a
On Apr 4, 6:10 pm, Michael Ekstrand <[EMAIL PROTECTED]> wrote:
> One significant factor: are you worried about other
> users on your systems (or other users who share systems with you under a
> third party's control), or are you worried about what people will do on
> their own systems?
Michael, Be
Ben Finney <[EMAIL PROTECTED]> wrote:
> "ts-dev" <[EMAIL PROTECTED]> writes:
>
> > Is it possible to prevent modification of a python file once its been
> > deployed?
>
> Prevent modification by whom?
>
> You can't prevent modification by the person who owns the
> machine. It's in their possess
ts-dev wrote:
> The root of my question is verifying the integrity of the application
> and the scripts being run.
Google "md5sum". Then google "birthday attack".
James
--
http://mail.python.org/mailman/listinfo/python-list
"ts-dev" <[EMAIL PROTECTED]> writes:
> Is it possible to prevent modification of a python file once its been
> deployed?
Prevent modification by whom?
You can't prevent modification by the person who owns the
machine. It's in their possession, and presumably it's out of yours;
they can do whatev
On Wed, 04 Apr 2007 18:04:57 -0700, ts-dev wrote:
> Is it possible to prevent modification of a python file once its been
> deployed? File permissions of the OS could be used..but that doesn't
> seem very secure.
>
> The root of my question is verifying the integrity of the application
> and the
Is it possible to prevent modification of a python file once its been
deployed? File permissions of the OS could be used..but that doesn't
seem very secure.
The root of my question is verifying the integrity of the application
and the scripts being run. Is this possible, if so, how?
--
http://m
15 matches
Mail list logo
