hexylena
commented
10 years ago This should be ready as of d763689b. More testing is needed before this is merged with master.
Closed hexylena closed 10 years ago
hexylena
commented
10 years ago This should be ready as of d763689b. More testing is needed before this is merged with master.
hexylena
commented
10 years ago Unfortunately this may not be possible:
See the docker changelog for the following quote from 0.8.1 release:
Drop NET_ADMIN capability for non-privileged containers. Unprivileged containers can't change their network configuration
This was found via https://github.com/docker/docker/issues/4424
hexylena
commented
10 years ago Might be possible to hook into Galaxy's auth: https://github.com/ipython/ipython/issues/2770
hexylena
commented
10 years ago hexylena
commented
10 years ago Closed in favour of #6
To secure containers (as best we can without access to galaxy's authentication), we need to provide IP address whitelisting for use in the containers. This is already started, but not complete due to docker issues.
There is a severe security vulnerability produced as a result of this lack of authentication, which we will consider in the following scenario:
Alice is happily using IPython Notebook from within Galaxy. Bob has turned evil and is portscanning galaxy instances looking for open IPython Notebooks (should be relatively trivial to do, not everyone runs python tornado webservers). Bob finds an open notebook, connects to it, and creates a new notebook in which he runs
At this point Bob knows Alice's API key and it's game over for her. He has complete access to all the data she has access to.