[IPython-dev] Running notebook server and kernels as different users

Leo Singer lsinger at caltech.edu
Fri Aug 16 15:03:10 EDT 2013


I am helping to set up a notebook server as part of the open data initiative for LIGO (http://ligo.org/), a physics experiment on which I am working as a graduate student. The idea is to have a runnable, on-demand tutorial to show users how to retrieve and manipulate our experiment's data.

I have a question about security. We'd like to activate SSL, but since the notebook server and the Python kernels run as the same users, I am concerned that users would have the ability to read the server's private key and then compromise it. Almost as bad, users could send a kill signal to the notebook server.

Is there a way to have the notebook server start as one user and then run the kernels as another user, to protect the notebook server itself from such attacks?

Leo Singer
Graduate Student @ LIGO-Caltech

More information about the IPython-dev mailing list