heebie wrote: > Hi, > > Thanks a lot for your help. I just have a few questions, if you > wouldn't mind. > > 1) Can I just send the http requests to sagenb.org, or will I have to > host the notebook myself?
I don't know; I haven't used that http protocol myself. You could try it, though. > 2) What exactly are the security implications, and are they for the > site hosting the notebook or the site sending the http requests? I > note that in that most recent link you gave me to another discussion, > some guy said that he closed his calculator down after security > concerns (a discussion which, by the way, I don't really understand) Basically, anyone that can run an arbitrary Sage command can also access a command line on the system as the user running Sage. This means that unless you've somehow locked down that account (the account that is executing the Sage command), you are basically granting every user a normal account on your computer. Currently some ways to deal with this are setting up a virtual server (so the system-wide access is contained inside the virtual machine), setting up very restricted user accounts (but you need to know what you are doing in Linux to do that). Another thing you can do is parse the command that the user enters so that "bad" commands are never executed. This can be tricky, though. The other thread currently going on in the sage-devel mailing list that I pointed out talks about doing this this way. I think this is how webMathematica works; it makes sure that the only commands executed are from a specific list of "safe" commands. > 3) Will I need to learn Python? > Sage is based on python, which means whenever you are doing anything in Sage, you are doing things in Python. It's really easy to pick up Python and will make you much more effective in Sage if you understand Python better. Thanks, Jason --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sage-support URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
