Ask Your Question
2

Setting up a public Sage server

asked 2013-01-26 07:03:41 +0200

Caterpillar gravatar image

Hi. I have a desktop computer with an Athlon II X3 440 (probably he will be updated soon with an AMD FX 8350), 32Gb of RAM and Fedora 17 64bit. I would like to set up a public Sage server on a unprivileged Fedora user. I am not a security expert, but I need to avoid abuses, so I need suggestions how to secure a public Sage server, where people can sign in from Sage server's webpage and start immediately

The wiki page http://wiki.sagemath.org/SageServer does not seem to be enough for my needs

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
1

answered 2013-01-26 10:37:40 +0200

Jason Grout gravatar image

updated 2013-01-26 10:42:13 +0200

If you are not a security expert, I would highly suggest getting a local one to help you. There are lots of subtleties in the security issues. Basically, a Sage server is allowing a random person to execute whatever code they want on your computer, which is not easy or straightforward to defend against.

The wiki page you link is written for Ubuntu; is that why it is not useful? If you are not very comfortable with linux in general, and security in particular, I'd suggest getting someone else who is expert in these things to set up a public server (or spending at least a good several months reading up on linux security). If you are wanting to instead set up a server for a group of people that you trust, that's a different matter.

At a bare minimum, I would suggest restricting network connections for the restricted user, putting ulimits on the restricted user, implementing a quota system for the restricted user, restricting the user's ability to write to their own config files, etc. Maybe use tools from SELinux (like in http://docs.fedoraproject.org/en-US/F...

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2013-01-26 07:03:41 +0200

Seen: 943 times

Last updated: Jan 26 '13

Related questions

Security in Sage

sage server in other than apache document root

notebook server daemon + security issues

Public interactive not working

Publishing worksheets in Wordpress, Blogger...

Using javascript towards regular Sage cluster

Sage cell server install

Non-SSL security for Sage Math Servers

how to get output in a mixed fraction?

Can I shutdown the server from the admin web interface?

Copyright Sage, 2010. Some rights reserved under creative commons license. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.7.59