mirror of
https://github.com/jupyterhub/the-littlest-jupyterhub.git
synced 2025-12-18 21:54:05 +08:00
yuvipanda
@@ -28,6 +28,7 @@ Development Status
|
|||||||
==================
|
==================
|
||||||
|
|
||||||
This project is currently in **pre-alpha**, and things will break all the time.
|
This project is currently in **pre-alpha**, and things will break all the time.
|
||||||
|
There is no supported upgrade pathway, and security issues most likely exist.
|
||||||
However, feedback at this time is extremely valuble, so you should still try
|
However, feedback at this time is extremely valuble, so you should still try
|
||||||
it out!
|
it out!
|
||||||
|
|
||||||
|
|||||||
@@ -5,6 +5,14 @@ The Littlest JupyterHub
|
|||||||
A simple `JupyterHub <https://github.com/jupyterhub/jupyterhub>`_ distribution for
|
A simple `JupyterHub <https://github.com/jupyterhub/jupyterhub>`_ distribution for
|
||||||
a small (0-50) number of users on a single server.
|
a small (0-50) number of users on a single server.
|
||||||
|
|
||||||
|
Development Status
|
||||||
|
==================
|
||||||
|
|
||||||
|
This project is currently in **pre-alpha**, and things will break all the time.
|
||||||
|
There is no supported upgrade pathway, and security issues most likely exist.
|
||||||
|
However, feedback at this time is extremely valuble, so you should still try
|
||||||
|
it out!
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
============
|
============
|
||||||
|
|
||||||
@@ -37,16 +45,18 @@ How-To guides answer the question 'How do I...?' for a lot of topics.
|
|||||||
howto/user-environment
|
howto/user-environment
|
||||||
howto/notebook-interfaces
|
howto/notebook-interfaces
|
||||||
|
|
||||||
Guides
|
Topic Guides
|
||||||
======
|
============
|
||||||
|
|
||||||
Guides provide in-depth explanations of specific topics.
|
Topic guides provide in-depth explanations of specific topics.
|
||||||
|
|
||||||
.. toctree::
|
.. toctree::
|
||||||
:titlesonly:
|
:titlesonly:
|
||||||
|
|
||||||
guides/requirements
|
guides/requirements
|
||||||
guides/admin
|
guides/admin
|
||||||
|
topic/security
|
||||||
|
|
||||||
|
|
||||||
Troubleshooting
|
Troubleshooting
|
||||||
===============
|
===============
|
||||||
|
|||||||
67
docs/topic/security.rst
Normal file
67
docs/topic/security.rst
Normal file
@@ -0,0 +1,67 @@
|
|||||||
|
=======================
|
||||||
|
Security Considerations
|
||||||
|
=======================
|
||||||
|
|
||||||
|
The Littlest JupyterHub is in pre-alpha state & should not be used in
|
||||||
|
security critical situations. We will try to keep things as secure as possible,
|
||||||
|
but sometimes trade security for massive gains in convenience. This page contains
|
||||||
|
information about the security model of The Littlest JupyterHub.
|
||||||
|
|
||||||
|
System user accounts
|
||||||
|
====================
|
||||||
|
|
||||||
|
Each JupyterHub user gets their own unix user account created when they
|
||||||
|
first start their server. This protects users from each other, gives them a
|
||||||
|
home directory at a well known location, and allows sharing based on file system
|
||||||
|
permissions.
|
||||||
|
|
||||||
|
#. The unix user account created for a JupyterHub user named ``<username>`` is
|
||||||
|
``jupyter-<username>``. This prefix helps prevent clashes with users that
|
||||||
|
already exist - otherwise a user named ``root`` can trivially gain full root
|
||||||
|
access to your server.
|
||||||
|
|
||||||
|
#. A home directory is created for the user under ``/home/jupyter-<username>``.
|
||||||
|
|
||||||
|
#. No password is set for this unix system user by default. The password used
|
||||||
|
to log in to JupyterHub (if using an authenticator that requires a password)
|
||||||
|
is not related to the unix user's password in any form.
|
||||||
|
|
||||||
|
#. All users created by The Littlest JupyterHub are added to the user group
|
||||||
|
``jupyterhub-users``.
|
||||||
|
|
||||||
|
``sudo`` access for admins
|
||||||
|
==========================
|
||||||
|
|
||||||
|
JupyterHub admin users are added to the user group ``jupyterhub-admins``,
|
||||||
|
which is granted complete root access to the whole server with the ``sudo``
|
||||||
|
command on the terminal. No password required.
|
||||||
|
|
||||||
|
This is a **lot** of power, and they can do pretty much anything they want to
|
||||||
|
the server - look at other people's work, modify it, break the server in cool &
|
||||||
|
funky ways, etc. This also means if an admin's credentials are compromised (
|
||||||
|
easy to guess password, password re-use, etc) the entire JupyterHub is compromised.
|
||||||
|
|
||||||
|
Off-boarding users securely
|
||||||
|
===========================
|
||||||
|
|
||||||
|
When you delete users from the JupyterHub admin console, their unix user accounts
|
||||||
|
are **not** removed. This means they might continue to have access to the server
|
||||||
|
even after you remove them from JupyterHub. Admins should manually remove the user
|
||||||
|
from the server & archive their home directories as needed. If the user removed
|
||||||
|
from the server is an admin, extra care must be taken since they could have
|
||||||
|
modified the system earlier to continue giving them access.
|
||||||
|
|
||||||
|
Per-user ``/tmp``
|
||||||
|
=================
|
||||||
|
|
||||||
|
``/tmp`` is shared by all users in most computing systems, and this has been
|
||||||
|
a consistent source of security issues. The Littlest JupyterHub gives each
|
||||||
|
user their own ephemeral ``/tmp`` using the `PrivateTmp <https://www.freedesktop.org/software/systemd/man/systemd.exec.html#PrivateTmp>`_
|
||||||
|
feature of systemd.
|
||||||
|
|
||||||
|
HTTPS
|
||||||
|
=====
|
||||||
|
|
||||||
|
The Littlest JupyterHub does not currently support HTTPS. Follow `this issue
|
||||||
|
<https://github.com/yuvipanda/the-littlest-jupyterhub/issues/29>`_ for progress
|
||||||
|
on HTTPS support.
|
||||||
Reference in New Issue
Block a user