[ome-users] Alert: data loss with OMERO's cleanse function
Helen Flynn (Staff)
h.flynn at dundee.ac.uk
Thu May 26 14:56:15 BST 2016
Today we confirmed that the cleanse.py script which is used by the "bin/omero admin cleanse" command can lead to data loss.
If the cleanse.py script is run by an operating system user who has permission to delete from the filesystem used for OMERO's binary repository but who is logged into OMERO as a non-administrative user (not a member of the OMERO "system" group) then the cleanse operation will *delete* other users' images, attachments, and other files that the OMERO user does not have permission to access.
We are actively working on a fix and we sincerely apologize for our critical error in this regard. The OMERO 5.2.3 documentation will be updated in the meantime to add warnings.
If you have run the "cleanse" function recently *as a non-administrative OMERO user* then please get in touch with us by the usual means for advice on how best to restore lost data from backups into your current OMERO system.
We are not aware of any problem with "cleanse" when run as an OMERO administrative user such as "root". However, before running destructive operations, always first back up your data and use cleanse's --dry-run option to check that what it plans to delete is appropriate.
We are most grateful to Carnë Draug for bringing this serious problem to our attention.
The OME Team
Dr Helen Flynn
OME Technical Writer
Centre for Gene Regulation & Expression
Open Microscopy Environment
University of Dundee
The University of Dundee is a registered Scottish Charity, No: SC015096
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ome-users