Currently Router, Broker, Pipeliner and PipelineManager do not need to authenticate one with each other, so the system is vulnerable by attacks if you do not close your machines using a firewall or something like this.
One possible solution is to use HMAC to authenticate messages, like ipython parallel's approach.
Currently
Router
,Broker
,Pipeliner
andPipelineManager
do not need to authenticate one with each other, so the system is vulnerable by attacks if you do not close your machines using a firewall or something like this. One possible solution is to use HMAC to authenticate messages, like ipython parallel's approach.Using HMAC is as simple as:
Maybe the project "it's dangerous" by mitsuhiko can helps.