0

We are running JupyterLab Terminal inside a docker container and making it available for every user. User can run any command as of now.
what we need is to customize Jupyter behavior on certain commands e.g. if user types rm -rf * (*nix command) then Jupyter should prompt This is not allowed or something similar.

Thanks in advance for any help.

mds404
  • 371
  • 4
  • 9

1 Answers1

0

This is not possible via Jupyter, the terminal is "just" a small wrapper that interact with a real terminal. This is exactly the same as giving users access via SSH.

You want to change the user default shell, and have opt-in commands.

Though be aware that this will just be a façade, if user have access to a Jupyter kernel, especially Python ones, they can already run system commands (by preceding the line with a bang), and/or use ctypes to directly call system functions.

Matt
  • 27,170
  • 6
  • 80
  • 74
  • Thanks Matt for response. Is there anyway to intercept this wrapper call before it reaches to real terminal. I was positively looking for options because it's in web browser, and one way or other it must be sending to entered command server. – mds404 Jul 13 '21 at 13:33
  • There was some exploration on intercepting the messages on the lab side (in order to open notebooks from the terminal) in https://github.com/jupyterlab/jupyterlab/pull/9687 and there is an open PR for allowing to change the shell in https://github.com/jupyterlab/jupyterlab/pull/10203. I would use a different strategy (JupyterHub, permissions system, another virtualization layer, whatever) to address multiple users. – krassowski Jul 13 '21 at 18:59
  • Thanks krassowski for reply. I'll go through them to find out if these can be useful for my problem statement. – mds404 Jul 14 '21 at 17:46