Add on to: How do I protect my Python codebase so that guests can't see certain modules but so it still works?

Question

How do I protect my Python codebase so that guests can't see certain modules but so it still works?

My question is an add on question posted on the page above.

If there are two svn directories; for example, src/private and src/public and internal users will have both public and private directories and things will just work fine.

The public users will have only src/public. Is it possible to import the src/private in init.py even though the user doesn't have it checked out? The user should be able to link to it to resolve any functional dependencies in src/private but, should not be able to view to content of the files.

Are there any other solutions for this problem?

Answer 1

Give it up. It's essentially impossible to keep curious eyes out. For instance, look at the dis module:

import dis
def foo(): print 'bar'
dis.dis(foo)

which would yield:

  1           0 LOAD_CONST               1 ('bar')
              3 PRINT_ITEM          
              4 PRINT_NEWLINE       
              5 LOAD_CONST               0 (None)
              8 RETURN_VALUE   

Voila - there are any strings you wanted to hide, simply by importing your modules. There are other modules and services that can do a pretty good job of converting such disassemblies into readable Python code.

What exactly are you trying to accomplish? That is, what specifically are you trying to protect?

Answer 2

You can always move core functionality to some C or C++ module, and distribute only the compiled version of the module.

See http://docs.python.org/extending/extending.html