Add random string to submission filenames for better hiding #1005
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Previously, the exchange was writeable by all users, readable by all
users, but only listable by the instructors. Non-guessability of
the filename is the method of security. However, filenames are a
function of (username, assignment_id, and microsecond timestamp). A
microsecond timestamp alone is not immediately guessable, but not
perfect either.
- This patch introduces a random string to the submission filename.
- This is backwards compatible, except if there is a "+" in a username
and the instructor uses new nbgrader and students submit with old
nbgrader. This is because "+" is used to split the path components,
but is also a valid character for usernames. It was split with
.rsplit("+", 2) before, now it is .rsplit("+", 3).
- Related: jupyter#978
- Closes: jupyter#978
- Otherwise, when parsing the cache, the pattern is bad
|
Awesome, thanks! |
|
Thanks!
Gourd you check that this filename isn't parsed anywhere else, like
nbgrader list? Not currently at a computer, but I can't be sure that I got
everything! We aren't using all possible features, but is seems to have
worked for two rounds so far...
…On Sat, Oct 6, 2018, 20:36 Jessica B. Hamrick ***@***.***> wrote:
Merged #1005 <#1005> into master.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#1005 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AGjzGTC27Qt_-CeS2JRUAW1vmxm0-uf5ks5uiOoUgaJpZM4WIc63>
.
|
|
Oh, you're right, it actually is being used by nbgrader list. I think the effect will be that the timestamps will be messed up when running nbgrader list which isn't a huge deal but is still a bug. So we should definitely make another PR to address that, too. Let me know if you'd like to do this, or if I should! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
users, but only listable by the instructors. Non-guessability of
the filename is the method of security. However, filenames are a
function of (username, assignment_id, and microsecond timestamp). A
microsecond timestamp alone is not immediately guessable, but not
perfect either.
and the instructor uses new nbgrader and students submit with old
nbgrader. This is because "+" is used to split the path components,
but is also a valid character for usernames. It was split with
.rsplit("+", 2) before, now it is .rsplit("+", 3).
The non-extension tests work locally, let's see what travis says for the rest...