Would be nice if each user's interpreter is started in its own docker container a-la cloudera data science workbench. Then each user's shell interpreter is pretty isolated. Actually, from a CDSW session you could pop up a terminal session to your container which I found pretty neat.
-- Ruslan Dautkhanov On Wed, Nov 29, 2017 at 5:00 PM, Jeff Zhang <zjf...@gmail.com> wrote: > > Shell interpreter is a black hole for security, usually we don't recommend > or allow user to use shell. > > We may need to refactor the shell interpreter, running under zeppelin user > is too dangerous. > > > > > > Jongyoul Lee <jongy...@gmail.com>于2017年11月29日周三 下午11:44写道: > >> Hi, users and dev, >> >> Recently, I've got an issue about the abnormal usage of some interpreters. >> Zeppelin's users can access shell by shell and python interpreters. It >> means all users can run or execute what they want even if it harms the >> system. Thus I agree that we need to change some default settings to >> prevent this kind of abusing situation. Before we proceed to do it, I want >> to listen to others' opinions. >> >> Feel free to reply this email >> >> Regards, >> Jongyoul >> >> -- >> 이종열, Jongyoul Lee, 李宗烈 >> http://madeng.net >> >
