On Apr 4, 2009, at 12:43 AM, Thierry Dumont wrote:
> I am always preparing me Sage "University wide" server..
>
> I think I have a big security problem:
>
> Sage create users (looking for this in my ldap server, but this
> changes
> nothing from a public server where every one can create an account).
> One an account is created, I can access and *destroy* all other
> accounts; it is sufficient for this to log in on the notebook,
> then to
> launch the python interpreter; at is point I can do:
>
> system('ls -l /scratch/sage/.sage/sage_notebook/worksheets/')
>
> and worse:
>
> system('rm -rf /scratch/sage/.sage/sage_notebook/worksheets/foo')
>
> Mmmpf...
>
> Is there any way to avoid this ?
See the server_pool option, which can be used to mitigate this kind
of abuse. I think the only real security will come by assigning a one-
to-one correspondence between notebook users and unix accounts, but
as of yet there's not a way to do that. Or it would be cool if one
could create restricted ephemeral uids to run the worksheets
processes under.
We mostly rely on the benevolence of 99% of the users out there, and
the fact that there's little to gain by taking the notebook down.
(Also, as it's in a VMware image, it's easy to restore so it's not
like you can seriously hurt us).
- Robert
--~--~---------~--~----~------------~-------~--~----~
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/sage-support
URLs: http://www.sagemath.org
-~----------~----~----~----~------~----~------~--~---
