Submitted by Atom_101 t3_1050cw1 in MachineLearning
dr-pork t1_j39hmmm wrote
Following this. I'm soon facing the same issue. Main concern is to protect source code. I think running a docker container locally would be fine but I still need to protect it somehow.
Is it possible to lock a container down and still access it through an API?
Perhaps encrypt the entire code or container? I think pyinstaller is not enough. If I'm not mistaken it just package the code. But you can still read it.
Atom_101 OP t1_j3b291o wrote
It seems you can't lock a container. If the end user has root access they will be able to ssh into the container and see your source code. The solution seems to be to obfuscate your code using something like pyarmor, so that even if the user accesses the docker image, they won't easily figure out your source code.
dr-pork t1_j3gh0wc wrote
I'll look into pyarmor. I just found this as well https://www.sourcedefender.co.uk/ Any idea if that would work? Thanks.
psychorameses t1_j3av5f9 wrote
Through a web API, sure. Locally, no.
Python fundamentally is a scripting language. It isn't pre-compiled into binary. It literally needs the source code to run.
It's ok, a whole lot of people including my boss have made the exact same mistake and asked the exact same question.
dr-pork t1_j3gh3ke wrote
psychorameses t1_j3hxgzs wrote
Best way to think of it is that it scrambles your code, but right before it runs it still needs to be unscrambled, so someone dedicated enough will be able to obtain the full source code (or at least byte code) anyway.
I hope my boss sees this because this is a very common misconception. This isn't the 90s where your only option for running code was to install it on the user's machine. You have other options. You have to assume that everything you install on a user device is no longer private. The only way to protect source code is to never distribute it in the first place, and only expose your software through web APIs.
Viewing a single comment thread. View all comments