On Sun, Jun 24, 2012 at 9:58 AM, Geoff Hutchison
<ge...@geoffhutchison.net> wrote:

> > I originally had happyHTTP in the resolver format as you suggested,
> > giving good modularity.
>
> This is definitely what's going to happen for 2.3.2, along with some
> testing. I'm a bit hesitant on code which is clearly unmaintained. But for
> one format, it's probably OK.
>
> > But it seems a shame not to be able to access files directly from the
> > web for any input format, as in the last example I gave or
> >
> >   obabel  http://gaseq.co.uk/OB/first.sdf  -osmi
>
> While I see the advantages of this, the security implications just went up
> by a huge margin. Remember that our code is used internally in a variety of
> programs. What if there's a security bug in HappyHTTP or the code which
> considers URLs in obconversion, etc.? What does the OB+HappyHTTP code do
> when it gets back a bunch of random binary data?
>
> > 1) Postpone anything to do with http access until the next release. This
> > would be necessary if there were concerns about the http library used.
> >
> > 2) Move happyHTTP into resolverformat and abandon universal http file
> > access. (If it was reinstated later, happyHTTP would have to be moved
> > back.)
>
> I would consider #1 or #2 for 2.3.2 after suitable testing and abuse. I'm
> curious about possible universal web access, but only after a *lot* of
> testing for 2.4.
>

This is a really cool feature, but it can't be installed by default.
Most companies have carefully crafted security policies designed to protect
their internal networks from damage and infection, and to protect their
confidential data from disclosure.  Installing a library that handles
chemistry data isn't a huge threat.

But installing a program with the ability to access internet files means
OpenBabel moves into the same category as web browsers.  And most companies
are very restrictive indeed about which browsers their employees can use.
Most pharmaceutical and biotech companies have absolute rules with no
exceptions: use this browser, with these settings, via this proxy server
... and no exceptions.

If HappyHTTP becomes an integral part of OpenBabel, OpenBabel will be
banned from most pharmaceutical and biotech companies.  eMolecules will
certainly have to remove it before we install OpenBabel on our servers.

That said, I think HappyHTTP is really cool, and we will probably make use
of it ourselves ... just not on our production machines.

Cheers,
Craig


>
> That's my $0.02,
> -Geoff
>
>
>
> _______________________________________________
> OpenBabel-Devel mailing list
> OpenBabel-Devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openbabel-devel
>