[Zope] Zope+Python source-code security

Paul Winkler pw_lists@slinkp.com
Mon, 29 Apr 2002 06:36:11 -0700


On Mon, Apr 29, 2002 at 12:16:54PM +0200, Pawel Lewicki wrote:
> Hallo,
> I was asked to make a web-application that seems to be perfect to be built
> in Zope and Python. And it is also the great opportunity to get to know the
> second one :) But the main issue is the security of the source-code. I was
> browsing the archive and haven't found yes/no answer if it is possible.
> There are a few security layers:
> 1. Zope management (I suppose the easiest)
> 2. Data.fs (Can you pull the stored objects and browse externally?)

Yes, should be possible. AFAIK Data.fs is just a big pickle dump,
so all you'd need to explore it is a python interpreter.

> 3. Secure encryption of external Python modules and methods.

There's been some discussion of this on comp.lang.python.
I've never had to do it, so I'm not the guy to ask, 
but here's some reading material: do a groups.google.com search
on "source code encryption". Sort by date.

--PW 

"Welcome to Muppet Labs, where the future is made - today!"