Hi,
I am developing a snap to use inside at any gateway with Ubuntu Core.
I just don’t want any third party to get his/her hands on the code of the snap.
What is the best practices to secure the snap source code?
Regards,
Davi
Do you mean the snapcraft.yaml or do you mean the code for the software you package in the snap?
Hello arubislander, thanks for the reply.
I mean the code for the software I package in the snap!
I am using python 3.
Snap packages are just as open as any other distribution mechanism. If your application is readable in other forms then it will be readable in a snap package. Snap packaging does not add any protections or DRM onto the shipped application.
However, if you use a compiled language then you can keep your source code private and only ship the compiled binary in the snap. Python, though, is not a compiled language, so the source code will be readable in any packaging system you use to distribute your application.
2 Likes
Ok Daniel,
Maybe I need to use other language to develop this snap, like C ou C++
The only alternative using Python that I saw is obfocused the code, but this is not really safe.
Regards
Davi
you could possibly get going by just distributing your pyc files though if using cpython.
2 Likes
Just keep in mind that compiled code can always be disassembled
2 Likes
Yes, but compiled .pyc is easy to disassemble!
I achieved something similar but in a much “reliable” way. I compiled my python code using Cython and shipped the output shared objects as part of the snap. Problem solved.
1 Like