[IPython-dev] pyzmq authentication

Brian Granger ellisonbg at gmail.com
Tue May 31 23:07:15 EDT 2011 

Jason,

The other thing to consider is that the main frontend that will need
security is the html notebook.  For that, we do plan on having HTTPS
enabled by default.

Cheers,

Brian

On Tue, May 31, 2011 at 11:45 AM, MinRK <benjaminrk at gmail.com> wrote:
> On Tue, May 31, 2011 at 11:13, Jason Grout <jason-sage at creativetrax.com> wrote:
>> On 5/31/11 12:57 PM, MinRK wrote:
>>>
>>> We did briefly have an encrypted socket, but the zeromq community
>>> rightly opposed that rather vehemently, largely because we aren't
>>> security experts, and the illusion of security provided by a poor
>>> implementation is really *less* secure than having no security at all.
>>>
>>> Our answer with IPython is that SSH provides our security.  Typically
>>> the Controller listens on localhost, and the best way to connect to it
>>> from another machine is with an SSH tunnel (IPython does help create
>>> the tunnels) rather than listening on a public port.  We do provide a
>>> small level of additional security by including an authentication key
>>> in all messages that is checked when receiving to determine if the
>>> sender is authorized to make a request.
>>
>> If I understand things correctly, if I have several frontends running code
>> on a single backend server (with multiple kernels---the sage notebook is my
>> usecase), then untrusted code from any of the kernels could connect to and
>> mess with the other sessions, right?  Is it correct to say that any user
>> could connect with any kernel running on the same server?
>
> Oh, you are talking about the *non* parallel kernel.  Yes, that code
> has exactly zero security - anyone with access to the sockets can
> execute arbitrary code.  We really do need to replace
> IPython.zmq.session with the one in the parallel code which does
> include simple key checking, which should be per-kernel (or
> per-cluster in the parallel code).
>
> -MinRK
>
>>
>> Thanks,
>>
>> Jason
>>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>



-- 
Brian E. Granger
Cal Poly State University, San Luis Obispo
bgranger at calpoly.edu and ellisonbg at gmail.com

More information about the IPython-dev mailing list