[ome-users] OMERO Figure Download
Josh Moore
josh at glencoesoftware.com
Mon Nov 13 12:49:43 GMT 2017
Steve et al.
On Thu, Nov 2, 2017 at 1:38 PM, Carnë Draug <carandraug+dev at gmail.com> wrote:
> On 1 November 2017 at 12:23:49 +0000, "William Moore (Staff)"
...
>> It would be better to add command line arguments to your script instead of
>> hard-coding it.
>
> A command line argument for the session ID would expose it on the
> process list and make it visible to all other users in the system.
Agreed, and thanks for the heads up, David. Anyone who's interested in
an alternative way of loading sensitive information might take a look
at ice.config:
https://github.com/openmicroscopy/openmicroscopy/blob/v5.4.0/etc/ice.config
This is a mechanism built into the transport layer of Ice to load
properties from config files. If those files are kept private (chmod
600 on unix/osx), then the session id should never be visible to
untrusted users.
Cheers,
~Josh.
More information about the ome-users
mailing list