| Popis: |
Gateways provide access to computational codes as a service to their users. One popular design pattern is to use a single user account on an HPC system to run all workloads for the gateway’s user community. This introduces several security concerns for the owner of the user account, the machine, and the integrity of the workloads run by the gateway. In this paper we present preliminary work on pieshell, a limited, secure Linux shell that runs in user space. We begin by discussing the use case pieshell addresses. Next we discuss how it fills a gap in the existing secure shell landscape. We then describe pieshell’s design and usage within a gateway context before concluding with areas of future work. |
