Remote Code Execution (Security)

[bendecoste]

For full pytorch support we will need remote code execution of arbitrary code (defined by someone who has defined a model)

We will also likely need remote code execution for data adapters, although these are more auditable (would still be nice to have, though)

some things I have considered so far (as well as their downsides)

chroot jail

what it is
Basically we tell a process that /grid/runhere is the root directory and we manually link everything they are allowed to do (basically nothing) this is not that secure because there are ways to break out of it.

docker

We can look into docker, I have read docker is also no truly secure

[bendecoste]

related #48 & #58

@Mike96Angelo has experience with remote code execution

[bendecoste]

docker

I would also like to stay clean of docker unless necessary. Installation is way easier right now than if we were using docker imo

[iamtrask]

We could export tensors to a CSV https://stackoverflow.com/questions/36158058/torch-save-tensor-to-csv-file

[iamtrask]

and then we support specific layer wrappers - aka - "Sequential" and "Recurrent"

[jvmncs]

How do we recreate the whole Module from that though?

[jvmncs]

Marking this resolved, as the new approach for integrating pytorch allows us to make sure commands we receive are in the local torch module before executing it. This will be actualized with #129, so feel free to direct further discussion there.