Thank you for your response, Aviral.
I agree that if users are using different notebooks, there shouldn’t be any security threat. However, the concern arises even when two users are using the same notebook; it should ideally be different sessions for each user.
Each user has their own OpenAI token. For instance, if User A runs a cell to extract their token, and then User B runs the next cell, User B ends up using User A’s token. This is undesirable behavior and poses a significant security risk.
From my understanding, a shared compute cluster should keep sessions separate for User A and User B. This means that while they share the code, they shouldn’t be sharing the variable values. Unfortunately, this separation is not happening in our environment.
Has anyone else experienced this, or does anyone have suggestions on how to enforce better session isolation?