Merge pull request #4135 from Christiandike/update/websecurity

Sarah Gibson
2022-10-20 17:37:36 +01:00
committed by GitHub


@@ -16,9 +16,9 @@ JupyterHub is designed to be a _simple multi-user server for modestly sized
groups_ of **semi-trusted** users. While the design reflects serving semi-trusted groups_ of **semi-trusted** users. While the design reflects serving semi-trusted
users, JupyterHub is not necessarily unsuitable for serving **untrusted** users. users, JupyterHub is not necessarily unsuitable for serving **untrusted** users.
Using JupyterHub with **untrusted** users does mean more work by the Using JupyterHub with **untrusted** users does mean more work for the
administrator. Much care is required to secure a Hub, with extra caution on administrator. Much care is required to secure a Hub, with extra caution on
protecting users from each other as the Hub is serving untrusted users. protecting users from each other, since the Hub serves untrusted users.
One aspect of JupyterHub's _design simplicity_ for **semi-trusted** users is that One aspect of JupyterHub's _design simplicity_ for **semi-trusted** users is that
the Hub and single-user servers are placed in a _single domain_, behind a the Hub and single-user servers are placed in a _single domain_, behind a
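Review bot: In the reworded sentence "protecting users from each other, since the Hub serves untrusted users", the word "since" turns a conditional case into a flat statement that the Hub serves untrusted users. The paragraph opens by saying the design targets semi-trusted users and that untrusted users are an optional, harder case, so the old "as" read more naturally as "when". Suggest "protecting users from each other when the Hub serves untrusted users" so that the extra-caution advice stays scoped to untrusted deployments.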
@@ -47,7 +47,7 @@ ensure that:
- If the `PATH` is used to resolve the single-user executable (instead of - If the `PATH` is used to resolve the single-user executable (instead of
using an absolute path), a user **may not** create new files in any `PATH` using an absolute path), a user **may not** create new files in any `PATH`
directory that precedes the directory containing `jupyterhub-singleuser`. directory that precedes the directory containing `jupyterhub-singleuser`.
- A user may not modify environment variables (e.g. PATH, PYTHONPATH) for - A user may not modify environment variables (e.g. `PATH`, `PYTHONPATH`) for
their single-user server. their single-user server.
- A user **may not** modify the configuration of the notebook server - A user **may not** modify the configuration of the notebook server
(the `~/.jupyter` or `JUPYTER_CONFIG_DIR` directory). (the `~/.jupyter` or `JUPYTER_CONFIG_DIR` directory).
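Review bot: The edited bullet still reads "A user may not modify environment variables" without emphasis, while the bullets directly above and below it write "**may not**" in bold. Since this line is being touched anyway for the `PATH` and `PYTHONPATH` code formatting, bold the "may not" as well so that all three requirements in the list carry the same weight for an administrator skimming it.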
@@ -58,7 +58,7 @@ If any additional services are run on the same domain as the Hub, the services
## Mitigate security issues ## Mitigate security issues
Several approaches to mitigating these issues with configuration The several approaches to mitigating security issues with configuration
options provided by JupyterHub include: options provided by JupyterHub include:
### Enable subdomains ### Enable subdomains
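Review bot: The new opening "The several approaches to mitigating security issues with configuration options provided by JupyterHub include:" is ungrammatical with the leading article, and "with configuration options" can be read as the thing having security issues rather than the means of mitigating them. Suggest something like "JupyterHub provides several configuration options that mitigate these security issues:", which keeps the replacement of the vague "these issues" and removes the ambiguity.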
@@ -76,10 +76,10 @@ resolves the cross-site issues.
### Disable user config ### Disable user config
If subdomains are not available or not desirable, JupyterHub provides a If subdomains are unavailable or undesirable, JupyterHub provides a
configuration option `Spawner.disable_user_config`, which can be set to prevent configuration option `Spawner.disable_user_config`, which can be set to prevent
the user-owned configuration files from being loaded. After implementing this the user-owned configuration files from being loaded. After implementing this
option, PATHs and package installation and PATHs are the other things that the option, `PATH`s and package installation are the other things that the
admin must enforce. admin must enforce.
### Prevent spawners from evaluating shell configuration files ### Prevent spawners from evaluating shell configuration files
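Review bot: The corrected sentence "`PATH`s and package installation are the other things that the admin must enforce" fixes the duplicated word but still does not say what is being enforced. From the surrounding text, `Spawner.disable_user_config` only stops user-owned configuration files from being loaded, so the remaining exposure is users writing into `PATH` directories or installing packages. Suggest stating that directly, for example "After enabling this option, the admin must still control `PATH` and package installation", and writing "`PATH`" rather than "`PATH`s" to avoid the code span with a trailing plural.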
@@ -118,9 +118,9 @@ extend to securing the `tcp` sockets as well.
## Security audits ## Security audits
We recommend that you do periodic reviews of your deployment's security. It is We recommend that you do periodic reviews of your deployment's security. It's
good practice to keep JupyterHub, configurable-http-proxy, and nodejs good practice to keep [JupyterHub](https://readthedocs.org/projects/jupyterhub/), [configurable-http-proxy][], and [nodejs
versions up to date. versions](https://github.com/nodejs/Release) up to date.
A handy website for testing your deployment is A handy website for testing your deployment is
[Qualsys' SSL analyzer tool](https://www.ssllabs.com/ssltest/analyze.html). [Qualsys' SSL analyzer tool](https://www.ssllabs.com/ssltest/analyze.html).
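Review bot: The added `[configurable-http-proxy][]` is a reference-style link, and no matching definition is visible in this hunk; if the file does not define that label elsewhere it will render as literal brackets, so please confirm the definition exists or use an inline URL like the other two links. The JupyterHub link also points at the Read the Docs project page rather than a release or changelog page, which is less useful for a sentence about keeping versions up to date, and the "[nodejs versions](...)" link text is split across a line break. While this paragraph is open, the unchanged line "Qualsys' SSL analyzer tool" misspells the vendor name, which is Qualys.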