Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

CML Python Package Installation Security

avatar
author-rank phir1
Explorer

Created ‎01-05-2024 04:24 AM

Hello,

I've noticed how the CML Terminal lets you install Python packages on the 'Net using pip.

(A gcc compiler is even available!)

Isn't that a security risk?

Is there a way to only allow package installation from an in-house repository?

Many thanks.

324 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Gopinath author-rank
Expert Contributor

Created ‎01-08-2024 02:22 AM

pip index url can be configured as an admin environment variable, but users can override the same with the project environment variable or manual override.

utmost way is to make the cluster air gapped. As long as the cluster has internet gateway, sessions can reach internet to pull the packages

View solution in original post

296 Views
0 Kudos
1 REPLY 1

avatar
author-rank Gopinath author-rank
Expert Contributor

Created ‎01-08-2024 02:22 AM

pip index url can be configured as an admin environment variable, but users can override the same with the project environment variable or manual override.

utmost way is to make the cluster air gapped. As long as the cluster has internet gateway, sessions can reach internet to pull the packages

297 Views
0 Kudos
webinar banner
Announcements
What's New @ Cloudera
Cloudera Operational Database (COD) supports instance group ...
What's New @ Cloudera
Cloudera Operational Database (COD) has updated the instanc...
What's New @ Cloudera
Cloudera Operational Database (COD) supports configuring roo...
What's New @ Cloudera
Cloudera Operational Database (COD) has updated the HDFS ins...
Product Announcements
[ANNOUNCE] CDP Private Cloud Base 7.1.7 Service Pack 3 Relea...
View More Announcements
meetups banner