Notebook: How to prevent that users can access cell content of other users?
I set up a Sage Notebook server which is going to be accessible by multiple users, but I have problems securing it. I am using version 6.4.1.
I invoke the notebook() command with the server_pool=[...] setting, and the $HOME/.sage directory of the user which starts the sage notebook (as well as for the users specified in server_pool) has permissions 700, so it is impossible for users to directly access the worksheets of other users.
However when I do cat /tmp/*/*.py
in the notebook (after setting language to "sh" of course), I get some cell contents of other users. Those files in /tmp belong to the main sage user, and have permissions rw-r--r--.
I already tried setting umask to 077 before invoking the sage notebook, but when I do so, the notebook does not work at all (it starts, but all commands I enter in cells seem to take an infinite amount of time).
Is there a way to secure the sage notebook, such that it is impossible for one user to see any part of worksheets of other users?
I've reported this upstream at https://github.com/sagemath/sagenb/is... Unfortunately, I don't have a good immediate solution.