Jan-22-2021, 04:07 PM
If someone manages to hack my web application and/or the python interpreter itself, is it possible to prevent the python process from extracting its own source code?
On the OS level, I could change the file permissions after the python interpreter had read the source, so that the process couldn't read them again if it later became compromised. Or maybe to achieve the same effect I could never give the process permission to access the source and use a separate non-python process to do a one-time stream of the code on loading.
However, with modules like "inspect" I'm not sure this would be worthwhile. Would deleting the files on my system for the "inspect" module be effective? Or could the process just read its own memory to find out what the source is?
Thank you
On the OS level, I could change the file permissions after the python interpreter had read the source, so that the process couldn't read them again if it later became compromised. Or maybe to achieve the same effect I could never give the process permission to access the source and use a separate non-python process to do a one-time stream of the code on loading.
However, with modules like "inspect" I'm not sure this would be worthwhile. Would deleting the files on my system for the "inspect" module be effective? Or could the process just read its own memory to find out what the source is?
Thank you