04973 - 2y
I'm happy to present #SelfHash, a #Python package that adds an extra layer of security to your scripts🐍. SHA-256 verifies the code integrity before execution and defeats the "chicken or egg" hash in code issue. "pip install selfhash" will get you going. https://pypi.org/project/selfhash/ #SelfHash is only one piece of a greater security ecosystem. Future releases plan to have: - Self caller verification - Identification of "protected/unprotected" modules - Hash tables/MACs (maybe but might not be needed) - Local keystore something something/TPM/encryption https://image.nostr.build/cf769ddee65be697dacf4c4eb385109b6d6fbfeecb0a574d43e0d73e2448b211.png
If they make any updates to the file then the hash would change the check would fail. The SelfHash files themselves are hashed and one could verify that against committed source if they wanted (Github currently). I added a salt (something you know) to help prevent malicious script updates with a hash header update. It’s not perfect, but I am liking the extra verification/check. We are looking at self-verifying the caller itself so that verification of SelfHash itself happens on import. https://github.com/ronaldstoner/selfhash-python/pull/6/files for example
Thanks! Please do and let me know if you have any suggestions for more feedback. I know there are many ways to make this better/more secure.
