A suitably advanced attacker can read the running Python bytecode from the system’s memory, anyway. To achieve the same level of security you can ship only *.pycs (as long as they’ve been compiled by the version of Python that’s also going to be running the system, of course).
In the same vein (I’m still defending my image idea ;) ) you can ship an image encrypted with an one-time key, decrypt it into a tmpfs, mount the image, then unlink the file (seems to work: “/tmp/app.squashfs (deleted) on /app type squashfs (ro,noexec,nosuid,nodev,user=akx)”), leaving the app viable only for the duration of the mount. As for the auditing bit you mentioned earlier, you could use UNIX permissions to your benefit, allowing only the single designated user (i.e. the one running the uWSGI node) to read the files required. Also my gut feeling is that any approach in this might be open to timing attacks... and in the end, if someone else is root on the system your code will be deployed on, they can just inject a kernel module that intercepts reads of your app’s code. Just my 5 euro cents here :) Aarni From: [email protected] [mailto:[email protected]] On Behalf Of est Sent: Wednesday, August 21, 2013 12:09 PM To: uWSGI developers and users list Subject: Re: [uWSGI] offtopic: How difficult is it to build a sourcefile-less Django cluster in uWSGI? Another benifit: If your physical machine is somehow seized by an unwanted thirdparty, Once your server is powered off or restarted, your running instance of everything would be gone, and Intellectual Property would be safe. In this model we could establish reliable licensed service to Intranets and corporates. The service could be charged either by hour or by number of running instances. The Intranet only need to load the latest version of a service from the Internet, and go LAN-only or whatever afterwards. You don't have to worry that your source code is leaked or modified without permission. I am intend to build a system like this. Does anyone have any technical experience of how difficult and reliable this could be? Thank you guys!
_______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
