On Jun 21, 2010, at 4:47 PM, Ralf Hemmecke wrote:
What exactly has been done to prevent users of http://sagenb.org to do
mischief on that server.
It's easy to set the session type to "sh" and find out about the
system.
All worksheet processes run as (several) limited-privilege users
within a virtual machine. Of course more could be done, but that's at
least something. Also, Yoav Aner did a thesis on the securing of the
Sage notebook (available at http://sagemath.org/library-publications.html
).
- Robert
--
To post to this group, send an email to sage-devel@googlegroups.com
To unsubscribe from this group, send an email to
sage-devel+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/sage-devel
URL: http://www.sagemath.org
