Support encrypting bytecode to obfuscate source #265
Comments
|
I'm not opposed to adding this feature. However, encrypted bytecode with a distributed key to decrypt is essentially "security theater" since it merely raises the bar and doesn't really protect anything from a determined attacker. However, I'm a pragmatist and realize some customers insist on this feature. So it makes sense to add someday. Thank you for the link to PyInstaller's equivalent feature! If someone could do the heavy lifting and post a technical explanation for how the feature works and/or link to source code, that would save time on implementation... |
|
@indygreg Completely agree with all of your thoughts. Also, it's worth noting in their default configurations, PyOxidizer is already more obfuscated than PyInstaller. PyInstaller must extract the PyInstaller Implementation
|
|
FWIW, Pyinstaller is removing this feature for reasons stated below.
Since I'm the one who originally opened this request, I'm going to simply close it as I don't think the benefits are high enough to justify the complexity. |
To raise the bar for accessing bundled
.pycfiles within a PyOxidizer executable, would you consider adding a feature to encrypt the embedded.pycfiles?This makes it more difficult to recover the original source code (though, of course it's possible given enough work because the key is stored in the binary).
Pyinstaller supports this using the
--keyoption.MATLAB also does something similar to allow better protection of source code: https://www.mathworks.com/products/compiler.html#encrypted-royalty-free
This was originally discussed in #38.
The text was updated successfully, but these errors were encountered: