1

Brief summary:

  • I have two files: foo1.pyw and foo2.py
  • I need to send large amounts of sensitive information to foo2.py from foo1.pyw, and then back again.
  • Currently, I am doing this by writing to a .txt file, and then opening it with foo2.py using: os.system('foo2.py [text file here] [other arguments passing information]') The problem here is that the .txt file then leaves a trace when it is removed. I need to send information to foo2.py and back without having to write to a temp file.
  • The information will be formatted text, containing only ASCII characters, including letters, digits, symbols, returns, tabs, and spaces.

I can give more detail if needed.

Improve this question

3 Answers 3

Reset to default
1

You could use encryption like AES with python:http://eli.thegreenplace.net/2010/06/25/aes-encryption-of-files-in-python-with-pycrypto or use a transport layer: https://docs.python.org/2/library/ssl.html.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I know nothing about what SSL is, so can you please explain to me how TLS will help me in laymen terms?
@AustinSmith Essentially all data that passes from one file travels through an "open road" that can be intercepted by a middle-man-attack. What a SSL/TLS does, is it essentially creates a tunnel that passes underneath the "open road" thus making it harder for someone to intercept. --Best used for server/client communication.
How could I use this for local-security, sending raw information between files?
0

If what you're worrying about is the traces left on the HD, and real time interception is not the issue, why not just shred the temp file afterwards?

Alternatively, for a lot more work, you can setup a ramdisk and hold the file in memory.

The right way to do this is probably with a sub-process and pipe, accessible via subprocess.Popen You can then directly pipe information between the scripts.

Improve this answer

3 Comments

I'm not worried about interception but I would like to try and prevent it. And I do use basic shredding. But it's very hard(sometimes impossible) to shred files from an SSD. I would rather use some sort of data transfer between the files, and not worriy about shredding.
Also, I just noted you linked me to an information page on Linux Shred. Do note that Windows doesn't have this feature so I've been trying to implement it myself with limited success.
@Austin I've added another option, which should work in Windows.
0

I think the simplest solution would be to just call the function within foo2.py from foo1.py:

# foo1.py
import foo2
result = foo2.do_something_with_secret("hi")

# foo2.py
def do_something_with_secret(s):
  print(s)
  return 'yeah'

Obviously, this wouldn't work if you wanted to replace foo2.py with an arbitrary executable.

This may be a little tricky if they two are in different directories, run under different versions of Python, etc.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.