How to encrypt python files called with subprocess in executable

[John2397]

I have a python script that calls other python scripts using subprocess.Popen. These other python scripts are located in different directories.

My end goal is to make the program executable using pyinstaller, in an attempt to make the code a bit more secure.

1. My first question is, if I make an executable with the option --onefile and --key="1234567812345678", isn't this supposed to encrypt the python file specified in Analysis of .spec file? Because when I execute the executable and go to the _MEIXXXX directory, that python file is still there and I don't see any .pyc or any encrypted files.

2. My second question is, is it possible to encrypt the python files that I call with subprocess.Popen, so that when someone opens the _MEIXXXX directory to see the encrypted python files instead of the .py ones? I already add these python files on datas and use the temporary folder path to execute then with subprocess but they are not encrypted.

My concern basically is that the python files are directly available for anyone that opens the temporary folder that is created at runtime, and this is the one I want to protect.

[bwoodsend]

I have a python script that calls other python scripts using subprocess.Popen. These other python scripts are located in different directories.

A PyInstaller build does not contain the Python interpreter so you won't be able to do this with or without encryption.

[bwoodsend]

That sounds very likely. What does your subprocess.run() command look like? Or at least, what's the first argument? Is is "python" or sys.executable?

[John2397]

It's "python" yes. It uses the system's python (or venv's if it's being executed in a venv)

[John2397]

So if I understood correctly, one way to call other python scripts would be with multiprocessing module.
And since it would require to import the python scripts first before calling them (something that is not required with subprocess), pyInstaller would embed them to the executable and encrypt those as well.
Am I correct?

[bwoodsend]

yes

[John2397]

Thank you a lot I appreciate your help.

[bwoodsend]

Because when I execute the executable and go to the _MEIXXXX directory, that python file is still there and I don't see any .pyc or any encrypted files.

Are you sure about this? There should be no .py or .pyc files anywhere unless you either use --add-data=your-code.py:. or --debug=noarchive.

[John2397]

Oh I'm sorry. Indeed I add a folder on datas that contains that python file.