ondemand icon indicating copy to clipboard operation
ondemand copied to clipboard

Published 20 hours ago verified publisher icon OSC

Set more secure default values for whitelist_paths/allowlist_paths

Open ericfranz opened this issue 4 years ago • 1 comments

  • whitelist_paths/allowlist_paths are not set by default
  • in 2.0 we should default to the home directory or home directory+favorites (and for job composer, perhaps also include the template directories in /etc/)

┆Issue is synchronized with this Asana task by Unito

ericfranz avatar Oct 23 '20 00:10 ericfranz

Seems like we need to clarify requirements here. For example, we might want to support a deny_list and not let easy access to hidden directories by default (ssh keys, etc.)?

Also https://github.com/OSC/ondemand/issues/881 might change the story here altogether.

ericfranz avatar Apr 26 '21 15:04 ericfranz