On 6/27/07, Michel <[EMAIL PROTECTED]> wrote: > > After some deliberation I think that the issues I pointed out > in my last mail have not much > to do with the notebook but rather with the implementation of > the chroot jail. The only genuine issue is that the notebook server > should not create world readable files. > > And if I read Timothy's code correctly the notebook users > sage** have easy to guess passwords which is also bad of > course!
I don't know what Timothy thinks he is doing, since the sage** users have password login totally disabled: server4:$1$930823p9lENrsv$EHH6O8szVcckWIYXGRtVQ/:13685:0:99999:7::: sage1:!:13685:0:99999:7::: sage2:!:13691:0:99999:7::: sage3:!:13691:0:99999:7::: sage4:!:13691:0:99999:7::: ... The server logs into each sagei account using ssh RSA keys, which are stored in /home/sage**/.ssh/authorized_keys I just fixed the permissions, so the sage** user can't mess up their own authorized_keys file. William --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-devel@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://sage.scipy.org/sage/ and http://modular.math.washington.edu/sage/ -~----------~----~----~----~------~----~------~--~---
