I'm running the stable copy of galaxy and noticed that some custom, administrative tools (and otherwise tools which should be restricted in access due to licensing/etc.) were showing up in normal user's toolboxes inside the workflow editor. I feel that this is a bug, as the tool filters should be applied globally and not just in terms of what tools users are restricted from seeing in the normal toolbox. For me, this presents a problem as I strongly believe any administrative tools that exist should leak as little information as possible--not their entire set of options and associated documentation. Additionally, that sort of information leakage isn't acceptable by my organisation's policies. Do I have my instance misconfigured or is this an actual bug? I have my galaxy configured according to https://wiki.galaxyproject.org/Admin/Config/Access%20Control $ hg head changeset: 11242:9d4cbf2a1c13 branch: stable tag: tip user: Nate Coraor <nate@bx.psu.edu> date: Fri Dec 06 16:28:31 2013 -0500 summary: Add missing destination long arg to cli runner's Torque plugin and fix an incorrectly used PBS option in the sample job conf. changeset: 11216:c458a0fe1ba8 parent: 11213:6d633418ecfa parent: 11215:f79149dd3d35 user: Nate Coraor <nate@bx.psu.edu> date: Mon Nov 04 14:56:57 2013 -0500 summary: Merge security fix for filtering tools from stable/next-stable. $ hg summary parent: 11242:9d4cbf2a1c13 tip Add missing destination long arg to cli runner's Torque plugin and fix an incorrectly used PBS option in the sample job conf. branch: stable commit: 4 modified, 34 unknown update: (current) Thank you, Eric Rasche Programmer II Center for Phage Technology Texas A&M University