Celula Research wrote:
Now that the issue has come up...
What would be a good way to protect code in Zope, both in straight Python code in the file system -Products/Extensions- and dtml/tal ?
We have developed solutions which would like to install in customer's equipment, nevertheless, we can't or don't want to give out the source code and/or risk the products to be distributed without the appropriate permissions, therefore we are looking for some sort of safeguarding the code.
I know this may look as against the "Open Source" model, but unfortunately, contracts, NDAs and all that stuff DO exist and therefore we are obliged to comply with them.
I don't mean to sound glib, but I would suggest that you solve your contractual problems with contractual solutions. The legal system is your best defense in this area. Technical solutions for copy protection fail left and right, and a number of computer scientists will tell you that this may be because it's impossible. There have been on this list several discussions where we explored the various options. See "Zope application offline - how to apply a license ptotection?" 8/14/2003 "How do I encrypt files in the ZODB" 7/22/2003 The easiest option is to use a machine with an encrypted filesystem that you control as much as possible, down to the padlock on the case. This isn't foolproof, but it would take a lot of work to get root on such a machine and thus access your code. If you want to hand somebody Zope code such that they can't copy it but can run it, I suppose there are ways to extend Python to interpret code that requires some sort of key to decrypt, and to come up with a similar scheme for templates too, but I wouldn't want to try it. Techniques for obfuscation are easier, but still not simple. --jcc -- "He who fights with monsters should look to it that he himself does not become a monster. And when you gaze long into an abyss the abyss also gazes into you."