-
Notifications
You must be signed in to change notification settings - Fork 505
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
using voila specific kernel manager #41
using voila specific kernel manager #41
Conversation
Also allow the |
ef5c782
to
5fdbd49
Compare
@@ -125,6 +138,7 @@ def start(self): | |||
'comm_msg', | |||
'comm_info_request', | |||
'kernel_info_request', | |||
'custom_message', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need custom_message here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was confused about this, and now even more. I remember seeing warnings in the console from voila that custom_message
was send and ignored. I assumed that it was a custom message like the Button widget uses to communicate the click event. But that should be a regular comm_msg
right? So what is custom_message, and who would send that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not part of the kernel protocol. I think it is an ad-hoc message that was used by the ipywidgets_server
to trigger initial execution.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That must have been it, so it can be removed.
Thinking about this a bit more, having a separate kernel manager for voila could also be very useful to:
|
I can rebase this PR onto the latest master tomorrow. (cc @maartenbreddels let me know if you have any objections) |
Yes, please go ahead, I think we should have a different manager, with different defaults, different permissions, and different authentication. |
Something that crossed my mind: Would it be a different pool of kernels? Like would a kernel spawned by notebook or lab be visible to voila? |
It looks like this should be possible at the moment with voila running as a server extension sharing the same kernel manager as the notebook server, by passing an existing Line 120 in b75e05f
Although there will probably be some issues with the widgets (multiple clients for the same kernel)
If we isolate the voila kernel manager, then this becomes a bit trickier. Unless the voila kernel manager is able to proxy some of the messages to the other kernel manager (not sure yet if that's even possible right now). |
Currently yes, but there are ways around that, and for sure it's going to be supported in the future :) |
5fdbd49
to
00336b7
Compare
I don't think that this resolves the arbitrary code execution issue though, because the raw jupyter server always exposes the base |
A couple of things to cover before this change can be considered as "ready":
|
The |
Closing as the proposed changes are not applicable anymore to the next release of Voila |
Now voila and the server extension both use a voila_kernel_manager instead of kernel_manager. This means that voila used as server extension also does not allow arbitrary code execution.