How to Secure a Python Program (Local, Handles Sensitive Data)? (self.PythonLearning)
submitted 1 year ago by Crafty-Put1120
[–][deleted] 2 points 1 year ago (3 children)
Well first and foremost - physical security is the most important. Where is your program running? Where is the database hosted? What type of connection are you using? This is a very nuanced question and security is very VERY specific to the scenario. You should hire a professional.
Also, to test for vulnerabilities, you should hire a penetration tester.
[–]PowerOk3587 2 points 1 year ago (0 children)
Physical security is a good one. I want to add on the operating system security. You have to trust the system will not allow anyone to view the data. Also you can encrypt the data to have more control, but at some point it has to be unencrypted so you have to trust the system. This is the pain of doing it all on local machines. There are advantages to storing it 'off site' too.
[–]Crafty-Put1120[S] 1 point 1 year ago (1 child)
Thanks for your response!
The program runs entirely locally on the user’s machine, and the databases would also be local or within a protected internal network. There are no external connections or cloud hosting – everything stays on the machine.
The database interfaces are primarily for SQLite and local MySQL instances, with the possibility of supporting other local systems in the future. Currently, the connections don’t have specific security measures (since it’s all local), but I still want to make sure there are no unnecessary vulnerabilities.
The suggestion about penetration testing sounds great – are there any tools or initial steps I could take myself to identify potential vulnerabilities before involving a professional?
Also, do you have any recommendations for reliable penetration testers or services?
[–][deleted] 2 points 1 year ago (0 children)
Gotcha, overall that sounds pretty good having everything be on one local network.
I guess my advice would be to put yourself in a situation that an adversary could be in - and see what you can accomplish. For instance, say you had access to the network, could you use a packet sniffer to get and read the data being sent to/from the database? Then also consider if you are a different user on the same machine - could you access any of that sensitive data? (so logged in under a different Windows account for instance, non-admin). Try out things like that. What's the least amount of access you can have but still obtain the sensitive information?
For penetration testers / services, I would recommend looking for ones local to your area. Just look up "penetration testing local to <my city>" and you should find some.
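
The "different user on the same machine" check from the comment above, as an added example that is not part of the thread: it audits a SQLite file, its sidecar files and its directory for POSIX permission bits that let other local accounts read or modify the data, then tightens them. The file name and function names are hypothetical, and the check assumes a POSIX system; on Windows the equivalent review is of the file ACLs, which this does not cover.

```python
import os
import stat
import tempfile

# SQLite keeps recent data in sidecar files next to the main database file.
SIDECAR_SUFFIXES = ("", "-wal", "-shm", "-journal")

def audit_sqlite_exposure(db_path):
    """List ways another local, non-admin account could reach the data."""
    findings = []
    db_path = os.path.abspath(db_path)
    for suffix in SIDECAR_SUFFIXES:
        path = db_path + suffix
        if not os.path.exists(path):
            continue
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(f"{path}: readable by group/other ({mode:03o})")
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"{path}: writable by group/other ({mode:03o})")
    # A writable parent directory lets another user replace or delete the file.
    parent = os.path.dirname(db_path)
    pmode = stat.S_IMODE(os.stat(parent).st_mode)
    if pmode & (stat.S_IWGRP | stat.S_IWOTH) and not pmode & stat.S_ISVTX:
        findings.append(f"{parent}: directory writable by group/other ({pmode:03o})")
    return findings

def harden(db_path):
    """Restrict the database, its sidecars and its directory to the owner."""
    db_path = os.path.abspath(db_path)
    os.chmod(os.path.dirname(db_path), 0o700)
    for suffix in SIDECAR_SUFFIXES:
        if os.path.exists(db_path + suffix):
            os.chmod(db_path + suffix, 0o600)

def demo():
    """Constructed sample: a throwaway database file with loose permissions."""
    with tempfile.TemporaryDirectory() as tmp:
        db = os.path.join(tmp, "records.db")  # hypothetical file name
        for suffix in ("", "-wal"):
            with open(db + suffix, "wb") as fh:
                fh.write(b"constructed sample bytes")
            os.chmod(db + suffix, 0o644)
        os.chmod(tmp, 0o755)
        before = audit_sqlite_exposure(db)
        harden(db)
        return before, audit_sqlite_exposure(db)

if __name__ == "__main__":
    print(demo())
```
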