Actually it is possible to do it, in some operating systems. For instance EROS can have software that you can run, but which you cannot read and you likewise cannot directly read the data that software is working from.

This is, of course, limited by the physical security of your machine and method of distribution, but it can be done on a multi-user system.

(The AS400 is another true capability system so I would expect that you could this this in the AS400 as well. Of course it is impossible in ACL based systems, and so-called "POSIX capabilities" again don't help.)

Beyond that this kind of software protection does have a point. Physical security systems are not sold as secure. They are sold rated in terms of how long it takes to break them. The fact that it can be broken, can be reverse engineered is irrelevant. The fact that it will take X effort is what counts.

Is a lock useless because someone can batter down the door? A combination lock because someone can just try combinations? It may not be as secure as most believe, but that doesn't make it useless.