[IPython-dev] Notebook kernels + LXC
Jason Grout
jason-sage at creativetrax.com
Wed Oct 24 22:52:52 EDT 2012
On 10/24/12 11:48 AM, Thomas Kluyver wrote:
> A question on SO [1] got me thinking again about security in
> multi-user cases. I've read recently about LXC [2], which provides
> lightweight isolated environments for a set of processes.
>
> Is there mileage in an option for the notebook server to start each
> kernel in a new LXC container? That would give OS-level limitations on
> what a remote user can do, without the overhead of running full
> virtual machines. I imagine this could be paired with a way to share
> access to a particular notebook or session, so a malicious user
> getting access can only damage files in that project. It could
> probably also be set up so that file access is read-only.
>
> Of course, I may be on completely the wrong track. But the notebook is
> clearly going to be used in cases where the 'all or nothing' access to
> the underlying system is too coarse. Maybe this is one way to offer
> finer-grained control.
>
> [1] http://stackoverflow.com/questions/13044921/prevent-user-del-files-in-ipython-notebook-environment/13053501#13053501
> [2] http://lxc.sourceforge.net/
The wikipedia article has some interesting links, like:
http://blog.bofh.it/debian/id_413
that indicate that (at least a year ago) things were not finished enough
to be really secure.
Also,
http://en.wikipedia.org/wiki/Comparison_of_platform_virtual_machines
might be a good read for ways to isolate processes.
Thanks,
Jason
--
Jason Grout
jason.grout at drake.edu
More information about the IPython-dev
mailing list