On Wed, Apr 8, 2020 at 6:18 AM Denis <denissu...@gmail.com> wrote: > > Hi Markus, > > well, that would be the non-paranoic approach, to put it mildly. Generally > speaking, it is against best practices to expose the server of a web > application to the open internet.
IMHO this is not exposing the server to "open internet", this is allowing your client machine (at home), and only it (using "bind addess), to access your server --- which, normally speaking, is behind a firewall that does not allow any connections to it, expect perhaps on the ssh port. cf. https://www.ssh.com/ssh/tunneling/example > This is true even for a CMS like Plone, let alone Jupyter, which is intended > for execution of arbitrary code. So that is in effect what my doc would be > about, describing how to reach the Sage server through a front end > specialized for the internet, nginx in particular, because that is what I > used. > > Admittedly the probability of attack against someone doing like you is pretty > low, especially if you shut down Sage after use. So I have my doubts about > how interesting the doc would be for the general user, hence this post. > > -- > You received this message because you are subscribed to the Google Groups > "sage-devel" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to sage-devel+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/sage-devel/239cb259-1be0-4b10-8878-888e5f645295%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/CAAWYfq0b5iqj%2BLi3xXN_PEs%2B6GPvKSxLBE8cykwKJH_P3nuA3A%40mail.gmail.com.
