Alert: data loss with OMERO's cleanse function
Posted: Thu May 26, 2016 2:01 pm
Dear All,
Today we confirmed that the cleanse.py script which is used by the "bin/omero admin cleanse" command can lead to data loss.
If the cleanse.py script is run by an operating system user who has permission to delete from the filesystem used for OMERO's binary repository but who is logged into OMERO as a non-administrative user (not a member of the OMERO "system" group) then the cleanse operation will delete other users' images, attachments, and other files that the OMERO user does not have permission to access.
We are actively working on a fix and we sincerely apologize for our critical error in this regard. The OMERO 5.2.3 documentation will be updated in the meantime to add warnings.
If you have run the "cleanse" function recently as a non-administrative OMERO user then please get in touch with us by the usual means for advice on how best to restore lost data from backups into your current OMERO system.
We are not aware of any problem with "cleanse" when run as an OMERO administrative user such as "root". However, before running destructive operations, always first back up your data and use cleanse's --dry-run option to check that what it plans to delete is appropriate.
We are most grateful to Carnë Draug for bringing this serious problem to our attention.
Regards,
The OME Team
Today we confirmed that the cleanse.py script which is used by the "bin/omero admin cleanse" command can lead to data loss.
If the cleanse.py script is run by an operating system user who has permission to delete from the filesystem used for OMERO's binary repository but who is logged into OMERO as a non-administrative user (not a member of the OMERO "system" group) then the cleanse operation will delete other users' images, attachments, and other files that the OMERO user does not have permission to access.
We are actively working on a fix and we sincerely apologize for our critical error in this regard. The OMERO 5.2.3 documentation will be updated in the meantime to add warnings.
If you have run the "cleanse" function recently as a non-administrative OMERO user then please get in touch with us by the usual means for advice on how best to restore lost data from backups into your current OMERO system.
We are not aware of any problem with "cleanse" when run as an OMERO administrative user such as "root". However, before running destructive operations, always first back up your data and use cleanse's --dry-run option to check that what it plans to delete is appropriate.
We are most grateful to Carnë Draug for bringing this serious problem to our attention.
Regards,
The OME Team