[IPython-dev] TaskController security

Fernando Perez fperez.net@gmail....
Wed Jan 30 02:13:56 CST 2008


Hi Michael,

On Jan 29, 2008 3:16 PM, Michael McLay <michael.j.mclay@gmail.com> wrote:
> Some experimentation with the TaskController in the ipython1 trunk has
> been very encouraging. It looks like a great tool for managing a queue
> of tasks that need to be executed on a cluster, or even distributed to
> a bunch of workstations in an office. TaskController seems to do a
> decent job of scheduling the execution of tasks without any tweeking
> required. Thanks for making the software available. It was very easy
> to get the software to work with our software.  Almost too easy. I am
> puzzled that there is almost nothing written on using TaskController.
> Also, the development seems to have stopped. Is development completed
> and documentation simply not necessary?

I'm glad to hear it worked for you.  I won't go into much detail now,
since I just sent that XXXL message about future development a moment
ago.  But hopefully from that message it should be clear that we DO
intend, very much, to continue developing this, and that better docs
are a key objective.  All hands welcome :)

> What are the security recommendations for using ipython1? How can an
> application protect the RemoteController and a TaskController used to
> parcel out tasks on a local network? It looks like a rogue application
> could simply connection to the RemoteController and corrupt data on
> any engine connected to the controller. The following email suggests
> work was planned to add security to ipython1:
>
>     http://article.gmane.org/gmane.comp.python.ipython.devel/1467
>
> The mailing list archive was cold on the subject after that thread and
> the word security only exists in the twisted portion of the source
> tree. What was planned and what happened to those plans?
>
> Any leads on adding security would be appreciated? Where you going to
> use Twisted's security to manage access to controllers?

Security so far simply hasn't been done.  Most of us have been using
this on trusted subnets, but it would obviously be madness to put
these engines on publicly visible ports as they are right now.  I know
next to nothing about network security, and in particular about how to
set up a system where we can balance convenience, performance (I don't
want mandatory encryption for every controller/engine communication,
which would obliterate performance) and security.  This is precisely
one area where contributions from others who know the problem domain
better would be very welcome.

The simplest thing to do would be to at least put some form of
authentication in front of the controller, so that an open controller
doesn't simply accept random client connections.  That would be
already a big help, and from there more refined schemes can be
implemented.  Since this is by definition network-based, reusing all
that Twisted has to offer here certainly seems like a reasonable
starting point, but I can't really say anything in detail, since I
just don't know.

Cheers,

f


More information about the IPython-dev mailing list