From 979ef8257dc05349e89da38498d7a3fb72dd2ced Mon Sep 17 00:00:00 2001 From: MinRK Date: Mon, 7 Jul 2014 14:56:00 -0500 Subject: [PATCH] add some documentation notes about trust being per-profile --- docs/source/notebook/security.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/source/notebook/security.rst b/docs/source/notebook/security.rst index b5d22cdb6..8a3130f6e 100644 --- a/docs/source/notebook/security.rst +++ b/docs/source/notebook/security.rst @@ -49,6 +49,12 @@ the IPython profile's security directory. By default, this is:: ~/.ipython/profile_default/security/notebook_secret +.. note:: + + The notebook secret being stored in the profile means that + loading a notebook in another profile results in it being untrusted, + unless you copy or symlink the notebook secret to share it across profiles. + When a notebook is opened by a user, the server computes a signature with the user's key, and compares it with the signature stored in the notebook's metadata. If the signature matches, HTML and Javascript