On Wed, 2 Nov 2011 11:54:17 am Alan Gauld wrote: > On 01/11/11 21:15, Joel Montes de Oca wrote: > > Question, once the code is compiled to a binary, can someone > > inject code to cause the hidden window to show, skipping the > > login altogether? > > In general you don't compile Python to a binary, although tools > exist that give a good approximation to that. But to inject code > would need access to the source files
A sufficiently clever byte-code hacker can insert byte-code straight into the .pyc file, given write permission to the files -- or an exploit that allows writing to a file. Since people can modify machine code executables (that's how most viruses work, and cracked applications), modifying byte-code is unlikely to give them any trouble. Here's a proof-of-concept virus that does exactly that: http://www.symantec.com/connect/blogs/python-has-venom -- Steven D'Aprano _______________________________________________ Tutor maillist - [email protected] To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
