[IPython-dev] ipython html notebook server on dotcloud
Wed Sep 5 23:07:24 CDT 2012
I'd definitely be interested in learning more about sagecell. Is there a design document
that I could look at?
On 09/05/2012 10:26 AM, Jason Grout wrote:
> On 9/5/12 8:09 AM, Shoibal Chakravarty wrote:
>> 1. Let anybody login with a login/passwd or the various authentication
>> 2. Give them a secure walled-in temporary directory to work in, with
>> restricted shell function access.
>> 3. Limit resources they use (memory, CPU load etc) and automatically log
>> them out if the violate this.
>> 4. Limit sessions to xx minutes.
>> 5. Set up a parallel database service for authentication and to let
>> users save their notebooks etc. (eg, MongoDB uses json as storage)
>> Which of these would be easily feasible? Especially point 2. Sage seems
>> to create (and later destroy) a temporary working directory for each
>> cell and severely limits shell access. One directory per login with
>> limited outside access might be better.
> It's certainly a difficult problem, since you are basically giving them shell access. I
> think it boils down to having a very restricted user account, quotas, and making sure
> there aren't, for example, world-writable files anywhere. All inside of some sort of VM
> that is easy to reset to a known good state.
> You're right about Sage's approach. There are several efforts to make things more
> secure and scalable now, including the Sage Cell Server which relies on the IPython
> infrastructure. Let me know if you want more details.
More information about the IPython-dev