MudBytes
» MUDBytes Community » Language Discussions » Python » Python 3.1 script-to-executab...
Pages: << prev 1 next >>
Python 3.1 script-to-executable tools - Any?
Lobotomy
Sorcerer






Group: Suspended
Posts: 382
Joined: Jul 18, 2008

Go to the bottom of the page Go to the top of the page
#1 id:29734 Posted Jul 24, 2009, 11:52 pm

I don't suspect that there is any yet, as my Google searches have yet to reveal anything to the contrary, but I'm wondering if anyone here may be aware of a tool for creating Windows executable files out of Python 3.1 code. The only utility I've been able to find information on is py2exe, though it seems that they have not yet updated that program to be usable for the more recent 3.x versions of Python.

Davion
Idle Hand






Group: Administrators
Posts: 1,786
Joined: May 14, 2006

Go to the bottom of the page Go to the top of the page
#2 id:29822 Posted Jul 26, 2009, 6:41 am

Can't you just associate all .py files to the python interpreter? Should make it 'executable'.
.........................
http://mudbytes.net/mudbytessignature-davion2.png

Lobotomy
Sorcerer






Group: Suspended
Posts: 382
Joined: Jul 18, 2008

Go to the bottom of the page Go to the top of the page
#3 id:29824 Posted Jul 26, 2009, 7:14 am

Well, yes, but I'm referring to Windows executable files, though. I.e, the .exe file extension. py2exe, for instance, is a program that'll take a Python script and, instead of merely generating bytecode which can be reverse engineered easily, compile the code into actual native machine code as a single executable file; or something to that extent, anyways. It just doesn't support Python 3.x yet, which is the problem with that particular one.

Last edited Jul 26, 2009, 7:15 am by Lobotomy
David Haley
Wizard






Group: Members
Posts: 7,841
Joined: Jun 30, 2007

Go to the bottom of the page Go to the top of the page
#4 id:29856 Posted Jul 26, 2009, 2:31 pm

If you're seeking to use py2exe and friends for 'security via obscurity' and are worried about people reverse engineering your code, you might want to look into what exactly it is that py2exe is doing for you. In particular it is most certainly not "compiling" your Python code into completely native machine code, at least not in the way you seem to think.
.........................
-- d.c.h --
BabbleMUD Project (custom codebase)
Legends of the Darkstone (head coder)
http://david.the-haleys.org
.........................

Lobotomy
Sorcerer






Group: Suspended
Posts: 382
Joined: Jul 18, 2008

Go to the bottom of the page Go to the top of the page
#5 id:29859 Posted Jul 26, 2009, 2:39 pm

I see.

Lobotomy
Sorcerer






Group: Suspended
Posts: 382
Joined: Jul 18, 2008

Go to the bottom of the page Go to the top of the page
#6 id:30050 Posted Jul 27, 2009, 9:02 pm

As a update to this thread, I just came across a promising-sounding tool called cx_Freeze. I've not tried it out yet, although I will be shortly (or in the near-future, anyways). As an aside, I'm curious: Has anyone else used this particular tool before?

Last edited Jul 27, 2009, 9:08 pm by Lobotomy
Runter
Wizard






Group: Developer
Posts: 3,413
Joined: Jun 1, 2006

Go to the bottom of the page Go to the top of the page
#7 id:30054 Posted Jul 27, 2009, 10:15 pm

Lobotomy said:
As a update to this thread, I just came across a promising-sounding tool called cx_Freeze. I've not tried it out yet, although I will be shortly (or in the near-future, anyways). As an aside, I'm curious: Has anyone else used this particular tool before?


I think it's main selling point is the cross platform functionality. It probably still suffers from the same security via obscurity mentioned earlier.  This types of things are notoriously easy to 'decompile' by anyone you would have been worried about reading the code in the first place.

Last edited Jul 27, 2009, 10:16 pm by Runter
David Haley
Wizard






Group: Members
Posts: 7,841
Joined: Jun 30, 2007

Go to the bottom of the page Go to the top of the page
#8 id:30063 Posted Jul 28, 2009, 5:08 am

What these projects usually do is store code to load up an interpreter, and then store your bytecode literally in some form or another, and run the interpreter on the bytecode. If you look at py2exe, for example, it ships your program with a Python interpreter DLL. If you think about it, really, getting rid of the Python interpreter would essentially mean predicting the entire program's behavior at runtime so that you could compile away the many runtime lookups. Basically these things should be thought of as a convenience for people to run the programs -- it makes it all "point-and-click-run" -- and not at all as a means to make the bytecode secure.
.........................
-- d.c.h --
BabbleMUD Project (custom codebase)
Legends of the Darkstone (head coder)
http://david.the-haleys.org
.........................

quixadhal
Wizard






Group: Members
Posts: 2,614
Joined: Oct 17, 2007

Go to the bottom of the page Go to the top of the page
#9 id:30075 Posted Jul 28, 2009, 7:40 am

It should also be noted that MOST things of this nature can be reverse engineered by anyone who's familiar with the bytecode interpreter itself.  If you want security, you're either going to have to pay some cash, or do it yourself in some manner.

If all you want to do is make an executable that people can click, py2exe probably works just fine... You could write it yourself if you know the windows API... I'm sure all they're doing is embedding a python interpreter in a tiny C++ framework that loads your script and says "go".

The other question is why you need the security.  If it's to keep people from seeing how it works (avoiding exploits, etc), that's only feasable if it's a client/server system -- and then you keep most of the logic on the server side.  A self-contained system can ALWAYS be broken down into assembly code (or bytecode in this case), and then analyzed.  Remember, teenage hackers have more energy AND more free time than you do, so you will never beat them. *grin*

If it's to keep people from using your product (or copying it), you have to ask yourself if you want to take the high road and try to make it so useful that people will buy it for the tech support, or just because it's cool.... or the low road of writing obscure code that jumps through hoops that serve no purpose other than to obfuscate people trying to pick it apart.  I call it the low road, because that's the direction that leads you to copy protection schemes, like requiring an internet connection and sending MD5 checksums of the code back home for comparison (and disabling it if they don't match), or breaking things into modules which are all block-encrypted, or other such ideas.

In many cases, it comes down to scale.  Lots of game publishers pay huge sums of cash to license protection systems that abuse all kinds of specs to try and make it harder to duplicate their CD's, DVD's, etc.  In many cases, these systems end up costing them in terms of bad PR, extra tech support that has to field phone calls for folks who can't run X on hardware Y, or in some cases angry because the protection damaged their hardware.  Yet some of the biggest sellers don't have protection at all... look at Turbo Tax.  Every year they sell millions of copies.  I'm sure millions more get pirated, yet they seem to be doing quite well.
.........................
https://lh3.googleusercontent.com/-vYoSYr4luwg/UdpJ_fYLt8I/AAAAAAAAAUw/B-8sQAoGOtA/s800/MUDBYTES_zps028f0a68.gifhttps://lh5.googleusercontent.com/-S1rE61rTCMM/UdrboSwRJsI/AAAAAAAAAYI/MVUkOP_baKs/s800/kool-aid_zpsf0068bff.png

Runter
Wizard






Group: Developer
Posts: 3,413
Joined: Jun 1, 2006

Go to the bottom of the page Go to the top of the page
#10 id:30101 Posted Jul 28, 2009, 4:27 pm

Or follow the Software as a Service business model.  Also I don't think it's a low-road when it's any other purpose than 'making it so useful that people will buy it for tech support.'  I just wonder how viable your so-called low road is.  Putting aside the part about obfuscation.

Pages:<< prev 1 next >>