On 4/5/07, Surendran KK <> wrote:
> Yes, I stopped Apache and ran the notebook server thus:
> #apache2 -k stop
> #sage
> sage: notebook(port=80,address=59.91.210.124)
> WARNING -- it is *extremely* dangerous to let the server listen
> on an external port without at least setting a username/password!!
> ****************************************************
> *
> *
> * Open your web browser to http://59.91.210.124:80 *
> *
> *
> ****************************************************
> Does the warning mean one should implement some authentication for getting
> to this url?
Yes. Because, e.g., when that's running anybody who connects to that
web page could just run arbitrary code on your computer. They can do, e.g.,
os.system('rm -rf /')
and delete all files owned by the notebook user, etc. Note good.
A minimal precaution is to at least type
notebook(..., username="something", password="something else")
This is still not so secure, because we don't _yet_ send the username
and password back and forth encrypted -- but it helps.
> Thank you very much. The integration of modules in SAGE is remarkable.
I'm glad you like it. Comments are very much appreciated.
>
> Surendran
--~--~---------~--~----~------------~-------~--~----~
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/sage-support
URLs: http://sage.math.washington.edu/sage/ and http://sage.scipy.org/sage/
-~----------~----~----~----~------~----~------~--~---
