Prevent Modification of Script?

Is it possible to prevent modification of a python file once it's been
deployed? File permissions of the OS could be used... but that doesn't
seem very secure.

The root of my question is verifying the integrity of the application
and the scripts being run. Is this possible, if so, how?

Apr 5 '07 #1
On Wed, 04 Apr 2007 18:04:57 -0700, ts-dev wrote:
> Is it possible to prevent modification of a python file once it's been
> deployed? File permissions of the OS could be used... but that doesn't
> seem very secure.
>
> The root of my question is verifying the integrity of the application
> and the scripts being run. Is this possible, if so, how?

Your best bet is probably some sort of cryptographic signature mechanism.
However, if they can modify it, they can likely modify it so that the
signature check is disabled. So you need something you "trust" to verify
said signature.

So basically, except in a "trusted" computing environment, you cannot
entirely ensure what you're wanting. OS permissions are probably the
most practical thing you've got; the signature thing could fool some
slightly more intrepid attackers.

One significant factor: are you worried about other
users on your systems (or other users who share systems with you under a
third party's control), or are you worried about what people will do on
their own systems?

- Michael
Apr 5 '07 #2
"ts-dev" <ti********@gmail.com> writes:
> Is it possible to prevent modification of a python file once it's been
> deployed?

Prevent modification by whom?

You can't prevent modification by the person who owns the
machine. It's in their possession, and presumably it's out of yours;
they can do whatever they like.

> The root of my question is verifying the integrity of the
> application and the scripts being run. Is this possible, if so, how?

Never put the program anywhere that someone you don't trust has access
to it.

--
\ "Why should I care about posterity? What's posterity ever done |
`\ for me?" -- Groucho Marx |
_o__) |
Ben Finney
Apr 5 '07 #3
ts-dev wrote:
> The root of my question is verifying the integrity of the application
> and the scripts being run.

Google "md5sum". Then google "birthday attack".

James
Apr 5 '07 #4
Ben Finney <bi****************@benfinney.id.au> wrote:
> "ts-dev" <ti********@gmail.com> writes:
> > Is it possible to prevent modification of a python file once it's been
> > deployed?
>
> Prevent modification by whom?
>
> You can't prevent modification by the person who owns the
> machine. It's in their possession, and presumably it's out of yours;
> they can do whatever they like.

Hmmm -- if the file is deployed on read-only media it might be possible
to prevent modification. Of course, one could COPY it to read-write
media, and modify the copy, but that would still entirely satisfy the
requirement of "preventing modification of the file" as stated.

Alex
Apr 5 '07 #5
On Apr 4, 6:10 pm, Michael Ekstrand <use...@elehack.net> wrote:
> One significant factor: are you worried about other
> users on your systems (or other users who share systems with you under a
> third party's control), or are you worried about what people will do on
> their own systems?

Michael, Ben & others:
The short answer is others on a shared system, or malware that could
modify the scripts.

I'm new to python programming and there are just some paradigms I'm
having trouble grasping.
If the scripts can be modified (very easily), how can the application
be trusted?

i.e. If it's an address book, then it would be trivial for malware to
modify the script to override data or send it somewhere else...
It would also seem like it makes user authentication through a
password/ username, or encryption useless. The script could easily be
modified to by-pass authentication and encryption could be disabled.

Please correct any wrong assumptions that I might be making..

In a compiled application it's not impossible to bypass the code.. but
it's not so easy. Perhaps this is just a side-effect of being a
scripted language - not a flaw, just me trying to use it for something
it's not well suited for.

- Kiel

Apr 5 '07 #6
"ts-dev" <ti********@gmail.com> writes:
> If the scripts can be modified (very easily), how can the
> application be trusted?

This sounds far more like you don't trust the application *user*.

If that's the case, don't deploy the application such that the user
possesses it. Run it as a service on a machine controlled by people
you *can* trust.

That, or re-evaluate your reason for dealing with people you don't
trust.

--
\ "Timid men prefer the calm of despotism to the boisterous sea |
`\ of liberty." -- Thomas Jefferson |
_o__) |
Ben Finney
Apr 5 '07 #7
ts-dev wrote:
> On Apr 4, 6:10 pm, Michael Ekstrand <use...@elehack.net> wrote:
> > One significant factor: are you worried about other
> > users on your systems (or other users who share systems with you under a
> > third party's control), or are you worried about what people will do on
> > their own systems?
>
> Michael, Ben & others:
> The short answer is others on a shared system, or malware that could
> modify the scripts.
>
> I'm new to python programming and there are just some paradigms I'm
> having trouble grasping.
> If the scripts can be modified (very easily), how can the application
> be trusted?
>
> i.e. If it's an address book, then it would be trivial for malware to
> modify the script to override data or send it somewhere else...
> It would also seem like it makes user authentication through a
> password/ username, or encryption useless. The script could easily be
> modified to by-pass authentication and encryption could be disabled.
>
> Please correct any wrong assumptions that I might be making..
>
> In a compiled application it's not impossible to bypass the code.. but
> it's not so easy. Perhaps this is just a side-effect of being a
> scripted language - not a flaw, just me trying to use it for something
> it's not well suited for.
>
> - Kiel

You are worrying a little too much. Let's say you are genuinely worried
about malware, for example. To justify this worry, answer these questions:

1. Who in the world would take the time to write malware targeted at
your application specifically?
2. What value does your application have that would warrant such effort?
3. Would it not be worth a malware writer's troubles to focus on an easy
target that offers more rewards, like say, Microsoft Crapware 3000, or
whatever they are selling these days?
4. Are you so technically proficient at writing streamlined and
transparent code that a malware author will find your code an easy
target, especially if you distribute it as bytecode?
5. Could you not just md5sum the bytecode and check it from within a
launcher against a value on a server somewhere? How many barriers would
a malware writer need to circumvent to foil this protection scheme?
Again, would it be worth his troubles in fame, fortune, or the knowledge
that he did a good job?
6-7000. Etc.

Write your program in the language most suited for it and, when you hit
it big, hire some security experts.

James
Apr 5 '07 #8
Just throw out the .py files and let it run on the .pyc's alone.

~Sean

On Apr 4, 8:03 pm, James Stroud <jstr...@mbi.ucla.edu> wrote:
> ts-dev wrote:
> > The root of my question is verifying the integrity of the application
> > and the scripts being run.
>
> Google "md5sum". Then google "birthday attack".
>
> James

Apr 5 '07 #9
"ts-dev" <ti********@gmail.com> wrote:
> Please correct any wrong assumptions that I might be making..
> In a compiled application it's not impossible to bypass the code.. but
> it's not so easy.

The huge amount of existing viruses targeting binaries seems to
indicate that binary-only distribution does not deter attackers
very well. Your assumption that the availability of source code
makes your program more vulnerable is likely wrong.

> The script could easily be
> modified to by-pass authentication and encryption could be disabled.

Relying on authentication done at the client end is doomed to
fail. Doing so is similar to asking people to put the lock in
the door before opening it. It doesn't matter how good a lock
is or how obscure the inside of the lock is if the lock isn't
an integral part of the door; a burglar will simply bring his
own lock, to which he of course has the key, and use that.

> Perhaps this is just a side-effect of being a
> scripted language - not a flaw, just me trying to use it for something
> it's not well suited for.

No. To be blunt, it is an effect of you not knowing enough about
security. (Don't feel too bad about it. I have made similar
mistakes myself, but after many years working with computer
security I have managed to learn not to do *that* particular
error again; I hope...)
--
Thomas Bellman, Lysator Computer Club, Linköping University, Sweden
"Life IS pain, highness. Anyone who tells ! bellman @ lysator.liu.se
differently is selling something." ! Make Love -- Nicht Wahr!
Apr 5 '07 #10
<ha**********@gmail.com> wrote:
> Just throw out the .py files and let it run on the .pyc's alone.

Which are very easily decompilable. :-)

--
Lawrence, oluyede.org - neropercaso.it
"It is difficult to get a man to understand
something when his salary depends on not
understanding it" - Upton Sinclair
Apr 5 '07 #11
On Apr 5, 2:45 am, Thomas Bellman <bell...@lysator.liu.se> wrote:
> No. To be blunt, it is an effect of you not knowing enough about
> security.

Blunt is good =) I ask questions because I don't know. I appreciate
your honesty.

Apr 5 '07 #12
On Apr 4, 10:19 pm, James Stroud <jstr...@mbi.ucla.edu> wrote:
> You are worrying a little too much. Let's say you are genuinely worried
> about malware

Thanks for the feedback. Perhaps you are correct about being too
worried.. eh, to be honest you probably are.

> Write your program in the language most suited for it and, when you hit
> it big, hire some security experts.

Very good advice.. thanks for taking the time to respond.
Apr 5 '07 #13
On Wednesday, Apr 4th 2007 at 18:04 -0700, quoth ts-dev:

=>Is it possible to prevent modification of a python file once its been
=>deployed? File permissions of the OS could be used..but that doesn't
=>seem very secure.
=>
=>The root of my question is verifying the integrity of the application
=>and the scripts being run. Is this possible, if so, how?

I'm going to take a stab at this one even though I'm a really junior
pythonian.

I know others have already responded, but I'd like to offer a couple of
suggestions that have nothing to do with python. (BTW, I do applaud the
previous answers that suggest that this is really a non-problem in the
first place.)

1. *IF* you are on a linux target platform then it's likely that you have
a package management system in use, either rpm or deb. In either case,
you have the ability to verify by checksum, every file of any package.

In the case of rpm, just use the -V option.

2. You also have the ability to set the immutable flag on ext2/ext3
filesystems. See lsattr/chattr commands. Of course, if you can get root
access then you can shut off immutability, but you can also replace
your package management tools as well. AAAUUUGGGHHH!!!

--
Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
Apr 6 '07 #14
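
Added example, not part of any post in this thread: a Python sketch of the per-file checksum verification that posts #8 and #14 describe, with the manifest itself authenticated so that the trust question raised in post #2 is visible in the code. It uses SHA-256 and an HMAC-SHA256 tag from the standard library in place of md5sum and a public-key signature; the function names, the key and the sample files are constructed for illustration, and the key and the verifier are assumed to live where the attacker cannot write.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's POSIX relative path under root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def seal(manifest, key):
    """Serialize the manifest canonically and return (blob, HMAC-SHA256 tag)."""
    blob = json.dumps(manifest, sort_keys=True).encode()
    return blob, hmac.new(key, blob, hashlib.sha256).hexdigest()


def verify(root, blob, tag, key):
    """Return sorted (status, path) findings; an empty list means no drift."""
    expected_tag = hmac.new(key, blob, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_tag, tag):
        return [("manifest-tampered", "")]  # do not trust the digests at all
    expected, actual = json.loads(blob), build_manifest(root)
    findings = [("missing", p) for p in expected if p not in actual]
    findings += [("unexpected", p) for p in actual if p not in expected]
    findings += [("modified", p) for p in expected
                 if p in actual and actual[p] != expected[p]]
    return sorted(findings)


def demo():
    """Constructed sample: deploy two scripts, change the tree, verify twice."""
    key = b"constructed-demo-key"  # assumption: kept off-host in real use
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in (("app.py", "print('hi')\n"), ("auth.py", "OK = True\n")):
            Path(tmp, name).write_text(body)
        blob, tag = seal(build_manifest(tmp), key)
        clean = verify(tmp, blob, tag, key)
        Path(tmp, "auth.py").write_text("OK = True  # changed after deploy\n")
        Path(tmp, "extra.py").write_text("pass\n")
        return clean, verify(tmp, blob, tag, key)
```

If the verifier or the key sits on the same writable host as the scripts, whoever can edit the scripts can edit the check as well, which is the limit the replies above keep returning to.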
