This repository has been archived by the owner on Feb 16, 2023. It is now read-only.
Remote Code Execution (Security) #66
Comments
@Mike96Angelo has experience with remote code execution

I would also like to stay clean of docker unless necessary. Installation is way easier right now than if we were using docker imo

We could export tensors to a CSV https://stackoverflow.com/questions/36158058/torch-save-tensor-to-csv-file

and then we support specific layer wrappers - aka - "Sequential" and "Recurrent"

How do we recreate the whole Module from that though?

Marking this resolved, as the new approach for integrating pytorch allows us to make sure commands we receive are in the local
For full pytorch support we will need remote code execution of arbitrary code (defined by someone who has defined a model).

We will also likely need remote code execution for data adapters, although these are more auditable (would still be nice to have, though).

Some things I have considered so far (as well as their downsides):

chroot jail

what it is

Basically we tell a process that /grid/runhere is the root directory and we manually link everything they are allowed to do (basically nothing). This is not that secure because there are ways to break out of it.

docker

We can look into docker. I have read docker is also not truly secure.
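
An added example, not part of the original thread or the project's code: one way to act on the CSV and layer-wrapper suggestion in the comments is to receive a model as a declarative description plus numeric weights and validate both against an allowlist, so nothing the sender wrote is executed. The JSON layout, the `Linear`/`RNN` layer kinds, the size limit and all function names are assumptions for illustration.

```python
import csv
import io
import json
import math

# Hypothetical allowlist: layer kind -> its two integer size parameters (inputs, outputs).
ALLOWED_LAYERS = {"Linear": ("in_features", "out_features"), "RNN": ("input_size", "hidden_size")}
ALLOWED_CONTAINERS = {"Sequential", "Recurrent"}  # the wrappers named in the thread
MAX_DIM = 4096  # assumed upper bound so a spec cannot request huge allocations

class SpecError(ValueError):
    """A received model description falls outside the allowlist."""

def parse_weights(csv_text, rows, cols):
    """Read CSV text as a rows x cols matrix of finite floats; nothing is evaluated."""
    try:
        matrix = [[float(c) for c in row] for row in csv.reader(io.StringIO(csv_text)) if row]
    except ValueError as exc:
        raise SpecError(f"non-numeric weight cell: {exc}") from None
    if len(matrix) != rows or any(len(r) != cols for r in matrix):
        raise SpecError(f"weight shape mismatch, expected {rows}x{cols}")
    if not all(math.isfinite(v) for r in matrix for v in r):
        raise SpecError("non-finite weight value")
    return matrix

def load_model_spec(spec_json, weight_files):
    """Validate a JSON model description; return (container, build plan) as plain data."""
    spec = json.loads(spec_json)
    container = spec.get("container") if isinstance(spec, dict) else None
    layers = spec.get("layers") if isinstance(spec, dict) else None
    if not isinstance(container, str) or container not in ALLOWED_CONTAINERS or not isinstance(layers, list):
        raise SpecError("container or layer list missing or not allowed")
    plan = []
    for layer in layers:
        kind = layer.get("kind") if isinstance(layer, dict) else None
        if not isinstance(kind, str) or kind not in ALLOWED_LAYERS:
            raise SpecError(f"layer kind not allowed: {kind!r}")
        dims = [layer.get(name) for name in ALLOWED_LAYERS[kind]]
        if any(type(d) is not int or not 0 < d <= MAX_DIM for d in dims):
            raise SpecError(f"bad dimensions for {kind}: {dims!r}")
        csv_text = weight_files.get(str(layer.get("weights")))  # unknown name -> None
        if csv_text is None:
            raise SpecError("weights file missing")
        plan.append((kind, dims, parse_weights(csv_text, dims[1], dims[0])))
    return container, plan

# Constructed sample input: a 3-input, 2-output linear layer and its weights.
SAMPLE_SPEC = '{"container": "Sequential", "layers": [{"kind": "Linear", "in_features": 3, "out_features": 2, "weights": "w0.csv"}]}'
SAMPLE_WEIGHTS = {"w0.csv": "0.1,0.2,0.3\n-1.0,0.0,2.5\n"}
```

The receiving side would map each validated `(kind, dims, weights)` entry onto a constructor it already ships, so the set of code that can run is fixed locally rather than chosen by the sender.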