Protecting Python Applications

The following methods exist to protect Python applications using Sentinel LDK Envelope:

>Script Envelope

This method uses the Script Envelope command-line tool for applying Sentinel LDK Envelope protection to Python applications on a Windows machine. The protected application can only run on a Windows machine.

After you create a project file that contains protection parameters, you can protect the Python application simply be executing Script Envelope. No additional steps are required.

>Sentinel LDK Envelope with Sentinel LDK Data File Protection (DFP)

This method protects Python applications by combining Sentinel LDK Envelope with the Data File Encryption utility (dfcrypt) using the Version 2 data protection mode. This method works by treating the application's Python code as encrypted data files that are accessed by a Python interpreter that is protected by Envelope.

This method is available for Windows and Linux machines.

>Cython (https://cython.org/) followed by Sentinel LDK Envelope

This method protects Python applications by combining Cython with Sentinel LDK Envelope. This works by first translating your sensitive Python modules into native modules (PYD/SO files) which are then protected using Envelope.

This method provides a higher level of security because the additional compilation step lowers the code’s abstraction level and enables Sentinel LDK Envelope to protect the application as code and not just as data. This results in more sophisticated protection measures. However, this method is slightly more complicated to set up, as it requires Cython and a working C compiler.

This method is available for Windows and Linux machines.

For more information, see Sentinel LDK Envelope for Windows or Sentinel LDK Envelope for Linux.