On Thursday, August 22, 2013 11:53:07 AM UTC-7, jason wrote: > I think the best way to distribute a runnable cell server is as a > virtual machine image. At least then it is sandboxed into a virtual > machine where someone has seriously considered the security implications. > +1
The inherent insecurity of sagecell has prevented me from recommending it to people to use in course materials. Even using a "public" cell server run by someone else seemed like a bad idea because such a service could disappear at any time due to abuse (and now you're left with defunct course materials!) I didn't see how to set it up with acceptable security within a university either. If it were available as a plug-in on some authenticated platform (the university's CMS) AND running in a closed-off sandbox it would probably be acceptable, even if the plug-in wasn't logging the identities with the transactions, because at least it wouldn't appear to be anonymous, and as long as the service is only accessible through an authenticated gateway, at least the population of possibly attackers is drastically reduced (and reduced to a group who probably feel they benefit from keeping the service alive) -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at http://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/groups/opt_out.
