[IPython-dev] ipython html notebook server on dotcloud

Shoibal Chakravarty shoibalc@gmail....
Wed Sep 5 23:07:24 CDT 2012


Hi Jason,

I'd definitely be interested in learning more about sagecell. Is there a design document 
that I could look at?

Thanks,
Shoibal.

On 09/05/2012 10:26 AM, Jason Grout wrote:
> On 9/5/12 8:09 AM, Shoibal Chakravarty wrote:
>
>> 1. Let anybody login with a login/passwd or the various authentication
>> services.
>> 2. Give them a secure walled-in temporary directory to work in, with
>> restricted shell function access.
>> 3. Limit resources they use (memory, CPU load etc) and automatically log
>> them out if the violate this.
>> 4. Limit sessions to xx minutes.
>> 5. Set up a parallel database service for authentication and to let
>> users save their notebooks etc. (eg, MongoDB uses json as storage)
>>
>> Which of these would be easily feasible? Especially point 2. Sage seems
>> to create (and later destroy) a temporary working directory for each
>> cell  and severely limits shell access. One directory per login with
>> limited outside access might be better.
>
> It's certainly a difficult problem, since you are basically giving them shell access.  I 
> think it boils down to having a very restricted user account, quotas, and making sure 
> there aren't, for example, world-writable files anywhere.  All inside of some sort of VM 
> that is easy to reset to a known good state.
>
> You're right about Sage's approach.  There are several efforts to make things more 
> secure and scalable now, including the Sage Cell Server which relies on the IPython 
> infrastructure.  Let me know if you want more details.
>
> Thanks,
>
> Jason
>
>



More information about the IPython-dev mailing list