[IPython-dev] Notebook kernels + LXC

Jason Grout jason-sage at creativetrax.com
Wed Oct 24 22:52:52 EDT 2012

On 10/24/12 11:48 AM, Thomas Kluyver wrote:
> A question on SO [1] got me thinking again about security in
> multi-user cases. I've read recently about LXC [2], which provides
> lightweight isolated environments for a set of processes.
> Is there mileage in an option for the notebook server to start each
> kernel in a new LXC container? That would give OS-level limitations on
> what a remote user can do, without the overhead of running full
> virtual machines. I imagine this could be paired with a way to share
> access to a particular notebook or session, so a malicious user
> getting access can only damage files in that project. It could
> probably also be set up so that file access is read-only.
> Of course, I may be on completely the wrong track. But the notebook is
> clearly going to be used in cases where the 'all or nothing' access to
> the underlying system is too coarse. Maybe this is one way to offer
> finer-grained control.
> [1] http://stackoverflow.com/questions/13044921/prevent-user-del-files-in-ipython-notebook-environment/13053501#13053501
> [2] http://lxc.sourceforge.net/

The wikipedia article has some interesting links, like:


that indicate that (at least a year ago) things were not finished enough 
to be really secure.

might be a good read for ways to isolate processes.



Jason Grout
jason.grout at drake.edu

More information about the IPython-dev mailing list