On Fri, Jan 16, 2009 at 6:54 PM, Jason Grout <jason-s...@creativetrax.com> wrote: > > Nathan Carter wrote: >> >> Well, I guess I'll answer my own question, especially since I'm >> feeling rather like a moron. I Googled like crazy when what I should >> just have done was read the manual. D'oh. >> >> http://www.sagemath.org/doc/inst/node8.html >> http://www.sagemath.org/doc/inst/node10.html > > > I like the first page, mostly. I don't like the second page; from what > I understand, chroot is *not* a full jail, like jails on FreeBSD or > containers on Solaris.
Yes, that is very outdated, and there is no reason anybody should use chroot these days. I've made trac #4989 to delete that section from the manual: http://trac.sagemath.org/sage_trac/ticket/4989 > > If you have the resources and want a more secure solution, I think you > ought to run a server inside of vmware or virtualbox. +1 >> I agree that it takes time and it's a little frustrating to set up >> servers; mainly because doing things securely is *hard*, in general. That's a good general remark -- it's not at all special to the sage notebook. If you don't care about security it is trivial for anybody to start a sage server in seconds that anybody in the world can abuse: sage: notebook(address="", accounts=True) Done. Just don't complain when somebody uses it to delete all your files... Doing things securely takes more work. Hopefully it will take less work in the future. But doing this securely using what Sage provides is I think a lot easier than creating a web page that provides an online interactive math software environment without using Sage. By the way, despite all my warning in response to the document posted before, if you use vmware or virtual box, the worst that will happen is somebody will mess up the virtual machine, and you'll have to restore it from a snapshot or backup. -- William --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
