Jupyter provides the ability to run almost any code on a public server. The problem is most apparent in three situations:
- The code executed in a cell is arbitrary. This is completely up to the developer's discretion. Care should be taken to review the exposed coding.
- Shell commands can be run giving direct access to any files on the server or available on the server network.
- A true server shell can be initiated from a Jupyter cell, again giving complete access to the server and network resources.
These issues are remedied by the Jupyter trust policies described in the following points. However, many of them can be overridden by the Notebook author.