CML Python Package Installation Security

Explorer

Hello,

I've noticed how the CML Terminal lets you install Python packages on the 'Net using pip.

(A gcc compiler is even available!)

Isn't that a security risk?

Is there a way to only allow package installation from an in-house repository?

Many thanks.

1 ACCEPTED SOLUTION

Expert Contributor

The pip index URL can be configured as an admin environment variable, but users can override it with a project environment variable or a manual override.

The utmost way is to make the cluster air-gapped. As long as the cluster has an internet gateway, sessions can reach the internet to pull the packages.
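
A session-side check for the override described in this answer, as an added example that is not part of the original post or the vendor's code: it resolves which index URLs pip would consult from the environment and a pip.conf, then flags any host outside an approved list. The host `pypi.internal.example` and the sample values are constructed placeholders.

```python
import configparser
from urllib.parse import urlparse

DEFAULT_INDEX = "https://pypi.org/simple"  # pip's built-in default index
ENV_VARS = {"index-url": "PIP_INDEX_URL", "extra-index-url": "PIP_EXTRA_INDEX_URL"}

def index_sources(env, pip_conf_text=""):
    """Return (origin, url) pairs for every index pip would consult."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(pip_conf_text)
    found = {}
    # Config file first ([install] overrides [global]); env vars override both.
    for section in ("global", "install"):
        for key in ENV_VARS:
            if cfg.has_section(section) and cfg.has_option(section, key):
                found[key] = (f"pip.conf [{section}]", cfg.get(section, key))
    for key, var in ENV_VARS.items():
        if env.get(var):
            found[key] = (f"env {var}", env[var])
    # With no index-url configured anywhere, pip falls back to public PyPI.
    found.setdefault("index-url", ("pip default", DEFAULT_INDEX))
    # extra-index-url may hold several whitespace-separated URLs.
    return [(origin, url) for origin, value in found.values() for url in value.split()]

def audit(env, pip_conf_text, allowed_hosts):
    """Return every (origin, url) whose host is not on the approved list."""
    return [(origin, url) for origin, url in index_sources(env, pip_conf_text)
            if urlparse(url).hostname not in allowed_hosts]

# Constructed sample: admin sets the in-house index, a project variable adds PyPI.
SAMPLE_ENV = {
    "PIP_INDEX_URL": "https://pypi.internal.example/simple",
    "PIP_EXTRA_INDEX_URL": "https://pypi.org/simple",
}
ALLOWED = {"pypi.internal.example"}  # hypothetical approved host

if __name__ == "__main__":
    for origin, url in audit(SAMPLE_ENV, "", ALLOWED):
        print(f"unapproved index from {origin}: {url}")
```

Command-line options such as `--index-url` and direct URL installs are not visible to this check, so it reports configuration drift but enforces nothing; blocking egress remains the enforcing control.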
