After some deliberation I think that the issues I pointed out
in my last mail have not much
to do with the notebook but rather with the implementation of
the chroot jail. The only genuine issue is that the notebook server
should not create world readable files.
And if I read Timothy's code correctly the notebook users
sage** have easy to guess passwords which is also bad of
course!
Michel
On Jun 27, 11:20 am, Michel <[EMAIL PROTECTED]> wrote:
> So far everything looks good. For serious testing one would need the
> source
> of the notebook.
>
> Here are some points.
>
> (1) Practically the whole (chroot)filesystem seems to be readable for
> the notebook users.
>
> (a) I could even read a backup file of /etc/shadow (/etc/shadow-).
> (b) I could look at other people's worksheets.
>
> The default file creation permissions should be changed I think.
>
> (2) It seems the notebook users cannot naively write to the file
> system.
> But they can write to /tmp. What policy do you want to implement here?
>
> (3) The notebook users seem to have internet access so they could
> execute
> denial of service attacks against other computers. Shouldn't internet
> access
> for notebook users be turned off by default?
>
> Michel
>
> On Jun 27, 10:25 am, Michel <[EMAIL PROTECTED]> wrote:
>
> > So the notebook processes are executing the actual sage commands?
> > What is then the "notebook server"?. Is it just the webserver?
>
> > This seems indeed quite secure provided the server never executes code
> > somehow
> > under control of the user.
>
> > Note: I still think notebook processes should be restarted
> > automatically (or on demand).
> > Having to push "restart" when you log in is confusing.
>
> > Michel
>
> > On Jun 27, 9:56 am, "William Stein" <[EMAIL PROTECTED]> wrote:
>
> > > On 6/27/07, Michel <[EMAIL PROTECTED]> wrote:
>
> > > > Doing
>
> > > > sage: import os
> > > > sage: os.system('whoami')
> > > > sage10
> > > > sage: os.system("kill -9 `ps -u sage10 -o pid=`")
>
> > > > still seemed to throw me out.
>
> > > > Connection to localhost closed by remote host.
> > > > Connection to localhost closed.
>
> > > > Is that expected? Logging out and in again did not seem to restore
> > > > my connection.
>
> > > Hi, the three sage notebooks are still working fine for me.
> > > All what you did above does is kill the SAGE worksheet process
> > > for your individual worksheet -- I.e., you shot your own user in
> > > the foot. It shouldn't (and doesn't) affect the overall
> > > SAGE notebook server in any nontrivial way, as far as I can tell.
>
> > > William
--~--~---------~--~----~------------~-------~--~----~
To post to this group, send email to sage-devel@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/sage-devel
URLs: http://sage.scipy.org/sage/ and http://modular.math.washington.edu/sage/
-~----------~----~----~----~------~----~------~--~---
