Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #5726

Re: obviscating python code for distribution

Path csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!feeder.news-service.com!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path <rosuav@gmail.com>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.018
X-Spam-Evidence '*H*': 0.96; '*S*': 0.00; 'plenty': 0.04; 'broken.': 0.07; 'fine,': 0.07; 'python': 0.08; 'throw': 0.09; 'am,': 0.14; 'wrote:': 0.14; 'subject:python': 0.14; 'angelico': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'subject:distribution': 0.16; "hasn't": 0.19; 'this?': 0.19; 'header:In-Reply-To:1': 0.21; 'thu,': 0.22; 'code.': 0.22; 'received:209.85.210.174': 0.23; 'received:mail- iy0-f174.google.com': 0.23; 'subject:code': 0.23; 'fix': 0.23; 'code': 0.24; 'testing': 0.27; "i'm": 0.27; 'message- id:@mail.gmail.com': 0.28; 'thanks': 0.28; 'server': 0.29; 'forgot': 0.29; "he's": 0.29; 'order.': 0.29; 'code,': 0.29; 'bit': 0.30; 'do.': 0.30; '(just': 0.30; 'this.': 0.31; "can't": 0.32; 'done': 0.32; 'someone': 0.33; 'to:addr:python-list': 0.33; 'break': 0.33; 'error': 0.33; 'things': 0.33; 'chris': 0.34; 'direction': 0.34; 'quite': 0.36; 'received:google.com': 0.37; 'received:209.85': 0.37; 'security.': 0.37; 'techniques,': 0.37; 'thread': 0.37; 'ways': 0.37; 'two': 0.37; 'think': 0.38; 'run': 0.38; 'but': 0.38; 'easiest': 0.38; 'subject:: ': 0.38; 'some': 0.38; 'doing': 0.39; 'should': 0.39; 'client': 0.39; "i'd": 0.39; 'received:209': 0.39; 'either': 0.39; 'to:addr:python.org': 0.39; 'everyone': 0.40; 'more': 0.60; 'kind': 0.60; 'your': 0.60; 'back': 0.63; 'secure': 0.63; 'direction.': 0.65; 'here': 0.66; 'online': 0.71; 'game,': 0.84; 'ask.': 0.91; 'cope': 0.91
DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=lx0gEqF87r5vs1GoEB/9yziP1n72T43/cH6Gx4I6ZTw=; b=vuTOQmrJuskdXf/4Mkh22ou6RWcR2ZLxwDD+IcdYzMdesTuOJThhVMOBieVAeMhbq4 aaXAfAZt0EiUtaP1sW0J1tfz6UllYfz2V3nvFbK+6EOwRS3uFA3Z/w/YscNLornc/pSt UXiyMA0rDYp2GdWmR8hOrAoED28OzbdszJj/w=
DomainKey-Signature a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=HOV8kLalYHGzjDffJP9lI635YaTdrGrqNhFbVHjgw2EaPpvpAa/M/8RytXuxEwmqj7 sMfBL947VWK5pb9ag1QdMq+TUelY1Vwi8XGvOcTp+QAJNwnyGizrUfJT54wuXDAOKZ0x joERQ8zjvukFbtUi1X/gD8SMy0DqlGYCndw/o=
MIME-Version 1.0
In-Reply-To <4DD40F65.7090807@tysdomain.com>
References <4DD08620.4030507@tysdomain.com> <mailman.1611.1305512463.9059.python-list@python.org> <op.vvlipenoa8ncjz@gnudebst> <5h9ca8-ekq.ln1@svn.schaathun.net> <BANLkTikm9+ordG3xudYTdmrce3vPcHnQ-A@mail.gmail.com> <BANLkTin6Mf3_s9PaMAZgu+DgZ=U+EV+QiA@mail.gmail.com> <BANLkTi=f7Kx=F144dgjaCm6Bwmh3egWAYw@mail.gmail.com> <4DD40F65.7090807@tysdomain.com>
Date Thu, 19 May 2011 04:49:30 +1000
Subject Re: obviscating python code for distribution
From Chris Angelico <rosuav@gmail.com>
To python-list@python.org
Content-Type text/plain; charset=ISO-8859-1
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.12
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.1768.1305744573.9059.python-list@python.org> (permalink)
Lines 28
NNTP-Posting-Host 82.94.164.166
X-Trace 1305744573 news.xs4all.nl 49183 [::ffff:82.94.164.166]:38767
X-Complaints-To abuse@xs4all.nl
Xref x330-a1.tempe.blueboxinc.net comp.lang.python:5726

Show key headers only | View raw

On Thu, May 19, 2011 at 4:26 AM, Littlefield, Tyler <tyler@tysdomain.com> wrote:
>>might be secure as long as attackers cannot, say:
> You forgot UFOs.
> Anyway, again, thanks to everyone for the advice, this is good reading.
> Incidentally, I don't know to much about security. I know about rate
> limiting and dos attacks, as well as some others, but I think there's a lot
> more that I don't know--can someone kind of aim me in the right direction
> for some of this? I want to be able to take techniques, break my server and
> then fix it so that can't be done before I head to public with this.

Your last sentence IS the right direction. The two easiest ways to
find out if your system is secure are (1) try to break it, and (2)
pore over the code and see what can be broken.

When you start testing things, try doing things in the wrong order.
Your server should either cope with it fine, or throw back an error to
that client, but should never allow any action that that client hasn't
already proven he's allowed to do.

There's plenty of people here who know what they're talking about when
it comes to security (just skim over this thread for a few good
names!), so if you have specific questions regarding your Python code,
do ask. Alternatively, if it's not particularly Python-related, I
would be happy for you to email me privately; I'm a gamer, and run an
online game, so I'd be quite willing to have a bit of a poke at your
code.

Chris Angelico

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Re: obviscating python code for distribution Daniel Kluev <dan.kluev@gmail.com> - 2011-05-16 13:21 +1100
  Re: obviscating python code for distribution "Rhodri James" <rhodri@wildebst.demon.co.uk> - 2011-05-16 23:42 +0100
    Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 08:36 +0100
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 17:42 +0300
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 09:54 -0700
        Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 18:33 +0100
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 12:07 -0700
            Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 20:56 +0100
              Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:34 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 06:21 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-19 08:47 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 10:16 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:23 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 19:23 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 17:56 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 05:48 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:04 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 09:54 +0100
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 15:24 -0500
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 15:45 -0700
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-21 00:54 +0000
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 23:26 -0500
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:10 +0000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 09:26 -0700
                Re: obviscating python code for distribution Nobody <nobody@nowhere.com> - 2011-05-20 18:48 +0100
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 11:33 +1000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 19:30 -0700
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 12:35 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:24 +1000
        Re: obviscating python code for distribution John Bokma <john@castleamber.com> - 2011-05-18 12:31 -0500
          Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:52 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 10:40 -0700
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:07 +1000
      Re: obviscating python code for distribution "Littlefield, Tyler" <tyler@tysdomain.com> - 2011-05-18 12:26 -0600
        Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-18 21:54 -0500
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:50 -0700
            Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 01:17 -0500
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:30 +0300
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:31 +0300
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:37 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:49 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:47 -0700

csiph-web