Re: program deployment
On Fri, 05 Jan 2007 15:16:09 -, Grant Edwards [EMAIL PROTECTED] wrote: On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: Python code is normally deployed as straight source code. But isn't this a problem of its own? I mean, many people do not feel good if the know that their source code is lying around on other machines... Are they embarassed by their code? For companies, that may be one reason. For many companies, rightly so ... /Jorgen -- // Jorgen Grahn grahn@Ph'nglui mglw'nafh Cthulhu \X/ snipabacken.dyndns.org R'lyeh wgah'nagl fhtagn! -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On Fri, 05 Jan 2007 08:01:17 -0800, Michele Simionato wrote: king kikapu wrote: Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... I believe that shipping just the bytecode is a pretty effective way to stop 99% of programmers from reading your code. Yes, in theory they could decompile it, but in practice, programmers are lazy. 99% of programmers won't read the code if you ship the source. Look, I am so lazy that usually I don't read the source code, even if it is there in plain! Exactly. -- Steven. -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On Fri, 05 Jan 2007 07:19:37 -0800, king kikapu wrote: Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... I don't understand... how can they steal an idea? If somebody copies your idea, you've still got it, it's not gone. -- Steven. -- http://mail.python.org/mailman/listinfo/python-list
program deployment
hi to all folks here, i am learning Python, just finished a book and i am starting to write programs. I just want to ask, is the correct way to deploy my programs to other computers, the .pyc files ?? I now that with the -m compileall . switch can compile a .py file into bytecodes. So i suppose that if Python has to run a .pyc file, it will load and execute it faster. And if i have some sensitive data in my source, like passwords (and the source of cource!) they will be more secure in a compiled file. Is that correct ? Thanks a lot for any help! -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
king kikapu wrote: hi to all folks here, i am learning Python, just finished a book and i am starting to write programs. I just want to ask, is the correct way to deploy my programs to other computers, the .pyc files ?? I now that with the -m compileall . switch can compile a .py file into bytecodes. So i suppose that if Python has to run a .pyc file, it will load and execute it faster. And if i have some sensitive data in my source, like passwords (and the source of cource!) they will be more secure in a compiled file. Is that correct ? Thanks a lot for any help! Python code is normally deployed as straight source code. It gets compiled automatically on its first run and will subsequently load this quickly. Passwords do not belong in the source code and they are not secure simply by distributing bytecode instead. This applies to any language, native or byte code compiled. Distributing bytecode may deter non-technical users but that's just about it. -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Python code is normally deployed as straight source code. But isn't this a problem of its own ?? I mean, many people do not feel good if the know that their source code is lying around on other machines... -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
king kikapu wrote: Python code is normally deployed as straight source code. But isn't this a problem of its own ?? I mean, many people do not feel good if the know that their source code is lying around on other machines... This has been discussed a bazillion times on this list - the summary is (at least from my POV): - it is possible to decompyle python pretty easy. So, spare yourself the hassle just distributing only the pyc - it is easy enough to hack even C-written apps, if anything is _worth_ being hacked, it will be hacked - 99% of all code isn't worth being hacked or ripped. Really. Even though the result of cobbling together lots of unimaginative code might be impressive, there are only very few areas of coding (like e.g. sophisticated compression algorithms and the like) that are worth ripping - the rest is bound to be runnable in one app only anyway, as it is coupled closely - if you have something you really, really, really need to be as secure as possible, go use a remote service - otherwise, it _will_ be compromised. Diez -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: i am learning Python, just finished a book and i am starting to write programs. I just want to ask, is the correct way to deploy my programs to other computers, the .pyc files ?? That depends on the platform. Under Linux, one usually just provides the source. Under Windows, I ususally use py2exe+inno-setup. I now that with the -m compileall . switch can compile a .py file into bytecodes. So i suppose that if Python has to run a .pyc file, it will load and execute it faster. A little bit, yes. And if i have some sensitive data in my source, like passwords (and the source of cource!) they will be more secure in a compiled file. Not really. -- Grant Edwards grante Yow! I represent a at sardine!! visi.com -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: Python code is normally deployed as straight source code. But isn't this a problem of its own? I mean, many people do not feel good if the know that their source code is lying around on other machines... Are they embarassed by their code? -- Grant Edwards grante Yow! Can I have an IMPULSE at ITEM instead? visi.com -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Grant Edwards schrieb: On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: Python code is normally deployed as straight source code. But isn't this a problem of its own? I mean, many people do not feel good if the know that their source code is lying around on other machines... Are they embarassed by their code? hehehe, but what I am thinking: Is it somehow possible to _really_ hide the source from being viewed by other persons when using python? Not that I want to do that ( I am an Open Source friend ), but that might get others that rely on that (commercial) to use python for more projects as it is done now. Thomas -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
king kikapu wrote: Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... Ever heard of Open Source ? I do better by letting other people steal my ideas (and stealing theirs too) than I'd ever do by keeping things secret. -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Under Windows, I ususally use py2exe+inno-setup. Xmmm...i have downloaded this and try a (very) simple project and it is working great. Of your experience, does it also working great when you have more complex solutions, e.x. many 3rd party modules like wxWidgets and so ?? -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... They're deluding themselves. The vast majority of ideas aren't worth stealing. If they are worth stealing, you don't need the source code to do it. You can figure out the ideas behind almost all software by running the program for 30 seconds (or just by reading a description of what it's supposed to do). Even sophisticated and intricate algorithms and protocols can be reverse-engineered with or without the source code. Having the source code often doesn't even help very much. -- Grant Edwards grante Yow! Join the PLUMBER'S at UNION!! visi.com -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
On 2007-01-05, king kikapu [EMAIL PROTECTED] wrote: Under Windows, I ususally use py2exe+inno-setup. Xmmm...i have downloaded this and try a (very) simple project and it is working great. Of your experience, does it also working great when you have more complex solutions, e.x. many 3rd party modules like wxWidgets and so ?? Yes. I use it to deply wxPython apps that use a lot of third party packages like pyserial, numpy, scipy, scientific python, pygnuplot, plotlib. The resulting setup.exe files seem awfully large to somebody who cut his teeth on Unix Version 7 on a PDP-11 with 256KB of RAM and a 20MB hard drive (and who still writes programs for platforms with 256 bytes of RAM). But, by windows standards they're not all that large. Nobody cares anymore that a program won't fit on a floppy disk... -- Grant Edwards grante Yow! I think my CAREER at is RUINED!! visi.com -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
king kikapu wrote: Are they embarassed by their code? hehehe...no, just worried about stealing their ideas... I believe that shipping just the bytecode is a pretty effective way to stop 99% of programmers from reading your code. Yes, in theory they could decompile it, but in practice, programmers are lazy. Look, I am so lazy that usually I don't read the source code, even if it is there in plain! Of course, if you only ship the bytecode and your code has bugs, the tracebacks will be less explicit and it will be more difficult for you to support your users. Also, you will stop the users that could fix the bug for you from doing so and you will rule out the possibility of getting help for free. Think about that. If it was that easy to steal non-trivial ideas from the source code, we will not complain all the time about about how difficult is to understand the code written by others. Michele Simionato -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Ok, i got the point...Things are a little bit different on the other way of the fence (Microsoft way...) and so many of Python's elements are a little (at least) strange at first... But hey, thank you all! -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
hehehe, but what I am thinking: Is it somehow possible to _really_ hide the source from being viewed by other persons when using python? Not that I want to do that ( I am an Open Source friend ), but that might get others that rely on that (commercial) to use python for more projects as it is done now. Yes. I use Python for running background tasks. I wrote many servers in Python and also websites. Users are using it, but they do not have access to the .py files. This is one possible way to do it. E.g. hide the whole computer system from the end users, and allow them to access some restricted interfaces only. Of course, you cannot distribute or sell these programs without showing the source code. You can sell them as a service; that is accessible remotely. Or you can sell them together with the machine, cased and stamped. :-) Laszlo -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
king kikapu wrote: Ok, i got the point...Things are a little bit different on the other way of the fence (Microsoft way...) and so many of Python's elements are a little (at least) strange at first... But hey, thank you all! Not really! Of course you do not distribute .cs (or .vb) files when deploying your application, but decompilers for .NET are plenty. Same for Java. For C and the like, it is a little trickier, but the decompiler can and will produce equivalent code. Better yet, just disassemble it. What is done nowadays to make people's life harder (as in, they cannot just copy and paste code) is to use an obfuscator. Are there any for Python? This is completely and utterly useless for passwords, though. If you need to protect something, encrypt it. If it is on a server, you can control access to the file via filesystem permissions. Do not expect to keep the password secret if you are distributing it, though :) I've cracked C programs, Clipper and Java almost effortlessly. They were all custom programs where the sole developer would put a password for administrative functions, just to be able to charge money long after it was deployed. Stephen -- http://mail.python.org/mailman/listinfo/python-list
Re: program deployment
Of course you do not distribute .cs (or .vb) files when deploying your application, but decompilers for .NET are plenty. Same for Java. Yes, but in .Net we have some strong dotfuscators that makes reverse engineer really difficult. In any way, it is not so easy to get to the source as .py files is. -- http://mail.python.org/mailman/listinfo/python-list
