Security and user management
See original GitHub issueWe just found out that I could delete files on a coworkers machine when he had running a dworker
using something like
from distributed import Executor
from subprocess import check_call
e = Executor('schedulermachine')
e.submit(lambda: check_call(['rm', 'test_file']))
Is it planned to add some security features and/or user management to the library?
Issue Analytics
- State:
- Created 7 years ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
User management and security - IBM
User groups are named, logical entities. You can assign permissions and users to user groups. There are two ways to set up user...
Read more >What Is User Management? - JumpCloud
Controlling and managing user access to IT resources is a fundamental security essential for any organization. A user management system enables ...
Read more >User Management in 2022 and Beyond: A Complete Guide
User management allows administrators to manage resources and organize users according to their needs and roles while maintaining the security ...
Read more >What is User Management - LoginRadius Blog
A user management system forms an integral part of identity and access management (IAM) and serves as a basic form of security. Any...
Read more >User Access Management Basics | Okta
User Access Management (UAM), aka Identity and Access Management (IAM), is the process of giving individual users within a system access to the...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I think dask cluster per user is the right way to go for this, so user management is probably out of scope. If there is an appropriate security feature, perhaps a way to use PKI and client certificates to authenticate/encrypt communication would be appropriate.
The Jupyter protocol adds basic authentication using HMAC signatures and a secret key that lives in the connection file, but no encryption, so people with access to the socket can spy on results, but not run code. If you used zmq, your could turn on both authentication and encryption with its CURVE support.
Dask supports TLS. Closing.