Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.072 X-Spam-Evidence: '*H*': 0.86; '*S*': 0.00; 'subject:password': 0.05; 'subject:file': 0.07; 'tries': 0.07; 'wrapper': 0.09; 'python': 0.11; '(there': 0.16; 'cipher': 0.16; 'modules.': 0.16; 'proceeds': 0.16; 'symmetric': 0.16; 'sat,': 0.16; 'wrote:': 0.18; 'trying': 0.19; 'programming': 0.22; 'instead.': 0.24; 'stick': 0.24; 'environment': 0.24; 'script': 0.25; '>': 0.26; 'appreciated': 0.26; 'permission': 0.26; 'right.': 0.26; 'certain': 0.27; 'to:2**1': 0.27; 'wondering': 0.29; 'generally': 0.29; 'to:no real name:2**1': 0.29; 'words': 0.29; 'message- id:@mail.gmail.com': 0.30; 'usually': 0.31; 'asks': 0.31; 'controlled': 0.31; 'wright': 0.31; 'file': 0.32; 'this.': 0.32; 'another': 0.32; 'says': 0.33; '(i.e.': 0.33; 'could': 0.34; 'but': 0.35; 'received:google.com': 0.35; 'add': 0.35; 'there': 0.35; 'policies': 0.36; 'doing': 0.36; 'next': 0.36; 'should': 0.36; 'operating': 0.37; 'level': 0.37; 'implement': 0.38; 'depends': 0.38; 'lists.': 0.38; 'to:addr:python-list': 0.38; 'bad': 0.39; 'to:addr:python.org': 0.39; 'how': 0.40; "you're": 0.61; 'national': 0.62; 'email addr:gmail.com': 0.63; 'protection': 0.63; 'such': 0.63; 'more': 0.64; 'total': 0.65; 'to:addr:gmail.com': 0.65; 'details': 0.65; 'here': 0.66; 'subject': 0.69; 'eyes': 0.78; 'protect': 0.79; 'implications': 0.84; 'itself?': 0.84; 'these.': 0.91; 'accounts,': 0.95; '2013': 0.98 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=qSWFcOvd2YIpXdeL6L5G+CcQ3+b4/ZI+b1kZPmFnnL0=; b=BIep2h7OFHZGr/i7+Yn1OGB4IjxyI24WgOrrqEW6yUBO5MDdLMAap3WkYq326New1u 57pbYxv7NYqf0edn/UOOCyBfEDvw8hH3PrZl5Ay+Pfu/3qdlHq3qqMy+h/U/yRMkx/TM td9C7m/hiBBbuI+xK0B9UlGNxs8TjJpwvNjvwUpgLMVt1wLsfYLr8m/L7+39yBdnMdfu mHzefFmOrgrlHN4rCem7VQJQp/lcHXdwUhSD80hMbN5EgCU4cXmZN51kGzNx/sFm8iUM 0RoI8zSosM9v8NECJjGVStZQJPbIF5TqIM7qMHYiJei4ffG1PY4FS3+fKbWv8aAW1n7t EeEQ== MIME-Version: 1.0 X-Received: by 10.14.183.135 with SMTP id q7mr17765322eem.97.1372620351929; Sun, 30 Jun 2013 12:25:51 -0700 (PDT) Date: Sun, 30 Jun 2013 13:25:51 -0600 Subject: Re: password protect file From: Modulok To: gmsiders@gmail.com, python-list@python.org Content-Type: multipart/alternative; boundary=047d7b34385e7d2fdc04e06414a3 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 116 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1372620358 news.xs4all.nl 15987 [2001:888:2000:d::a6]:40656 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:49511 --047d7b34385e7d2fdc04e06414a3 Content-Type: text/plain; charset=ISO-8859-1 On Sat, 29 Jun 2013 10:28:47 -0700 (PDT), gmsiders@gmail.com wrote: > I was wondering if there was a couple of words or things i > could add to the top of my python script to password > protect it so that it asks user for the password and then > after three tries it locks them out or says "access > denied" and closes/ends the script but if they get it > wright it proceeds on to the next line of the script total > noob here any help appreciated How to correctly implement such features depends on what are you are protecting. Are you trying to protect another file on the same machine, the script itself? Is this a server-side script trying to authenticate a web client? Is this 'kid-sister' level protection or national security level of protection? We would need more details on what you're trying to accomplish. Also, good (i.e. real) security is notoriously difficult to get right. There are usually pre-built solutions you should make use of instead. >From your subject line it sounds like you're interested in access control. If this is on a controlled system you should instead make use of the pre-built operating systems access control features such as user accounts, file permission bits, group policies or Access Control Lists. If this is in an uncontrolled environment or you just want to protect a file on a USB stick from prying eyes you can encrypt the file with a strong symmetric cipher like AES. There are existing tools for doing this. Your Python script could be a wrapper around one of these. (There are certain security implications to be aware of when doing this.) There's also AES implementations available in various pure Python modules. (However these generally are not FIPS certified.) If you are a "total noob" attempting (real) security programming is a bad idea. -Modulok- --047d7b34385e7d2fdc04e06414a3 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On Sat, 29 Jun 2013 10:28:47 -0700 (PDT),=A0gmsid= ers@gmail.com=A0wrote:
> I was wond= ering if there was a couple of words or things i
> could add to the top of my python script to pas= sword
> protect it= so that it asks user for the password and then
> after three tries it locks them out or says &quo= t;access
> denied&quo= t; and closes/ends the script but if they get it
> wright it proceeds on to the next line of the s= cript total
> noob here = any help appreciated

How to correctly implement such features depends on what are you are<= /font>
protecting. Are you trying to protect= another file on the same machine, the
script itself? Is this a server-side script trying to authent= icate a web
client? Is this 'kid-sister' = level protection or national security level
of protection? We would need more details on what you= 9;re trying to accomplish.

Also, good (i.e. real) security is notoriously difficult = to get right. There
are u= sually pre-built solutions you should make use of instead.

From your subject line it sounds like you're interest= ed in access control. If
= this is on a controlled system you should instead make use of the pre-built=
operating systems access control feat= ures such as user accounts, file
permission bits, group policies or Access Control Lists.

If this is in an uncontrolled environment or you just wan= t to protect a file on
a = USB stick from prying eyes you can encrypt the file with a strong symmetric=
cipher like AES. There are existing t= ools for doing this. Your Python script
could be a wrapper around one of these. (There are certain s= ecurity
implications to be aware of when doin= g this.) There's also AES implementations
available in various pure Python modules. (However t= hese generally are not FIPS
certified.)

If you are a "total noob" attempting (real) security program= ming is a bad idea.
-Modulok-
--047d7b34385e7d2fdc04e06414a3--