On Thu, Nov 25, 2010 at 6:16 PM, Pieter Neerincx <pieter.neerincx@gmail.com> wrote:
Hi Alex and Peter,
On Nov 24, 2010, at 8:32 PM, Bossers, Alex wrote:
Indeed, if you are talking about plugging in real tools that require binaries or perl scripts to be installed on the server that might / that is a serious security issue. We had the same discussion internally about a tool we have that allows the load and execution of ANY uploaded R script for testing... That tool will never make it to the production server :)
It might be an option to allow this kind of action by restricting it to dedicated galaxy admins (as specified in the galaxy universe_wsgi.ini file). I haven't figured out how to restrict tools to this GROUP of users in galaxy though....
Sure, being able to plug in any tool is a security risk, but if I understood correctly, tools published in the 3rd party tool shed need to be approved by the Galaxy team @ Penn State. So, I can imagine a system where users can only add approved and signed 3rd party tools from the tool shed.
Well, it would be quite a lot harder and more time consuming for them to approve tools if they also had the additional responsibility for checking for malicious code. There is also no code signing functionality in the tool shed (yet).
There needs to be a balance between allowing users to experiment as freely as possible - after all most of us are into science :) - and preventing users from destroying the infrastructure. Restricting dynamic tool plugging to admins would be another option, but the less end users need to beg admins for customizations, upgrades, etc., the better!
I would say when it comes to servers, customizations and upgrades are things best left to administrators (if you expect any kind of stability and reliability from your Galaxy install). In many cases tool wrappers from the Tool Shed would depend on 3rd party tools which must still be installed manually. Only a minority of tools will be standalone and thus could be installed "automatically" anyway.
Peter