Re: [galaxy-dev] datatype for executables
Thanks for your answer. Yes, the idea is to have runnable executables such as executable binaries and shell scripts to run via a parallelizing tool Swift. As for security, current plan is to run Swift enabled Galaxy tools in controlled cloud instances, which we are already doing. With this datatype, we are planning to design a suite of generic tools such that any arbitrary executable can be parallelized within Galaxy and can be run on Clouds and remote clusters. Is it possible to write a type file bin_or_exe which can detect the executable bit of data before they are part of Galaxy's indexed data. Thanks, Ketan On Tue, Jan 28, 2014 at 2:42 AM, Peter Cock p.j.a.c...@googlemail.comwrote: On Tuesday, January 28, 2014, Ketan Maheshwari ketancmaheshw...@gmail.com wrote: Is there a data type in Galaxy that identifies executables uniquely, eg. from the executable bit in the file perms or some other way? Thanks, Galaxy's data types are for data files - runnable tools/executables are handled via XML tool wrappers which define their options etc. Are you really asking about creating a datatype for a binary executable file? Or letting users run arbitrary tools? Even the idea of electing users run an arbitrary R script is dangerous enough from a security point of view. Peter ___ Please keep all replies on the list by using reply all in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
Re: [galaxy-dev] datatype for executables
On Tuesday, January 28, 2014, Ketan Maheshwari ketancmaheshw...@gmail.com wrote: Is there a data type in Galaxy that identifies executables uniquely, eg. from the executable bit in the file perms or some other way? Thanks, Galaxy's data types are for data files - runnable tools/executables are handled via XML tool wrappers which define their options etc. Are you really asking about creating a datatype for a binary executable file? Or letting users run arbitrary tools? Even the idea of electing users run an arbitrary R script is dangerous enough from a security point of view. Peter ___ Please keep all replies on the list by using reply all in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
Re: [galaxy-dev] datatype for executables
On Tue, Jan 28, 2014 at 8:26 PM, Ketan Maheshwari ke...@mcs.anl.gov wrote: Is it possible to write a type file bin_or_exe which can detect the executable bit of data before they are part of Galaxy's indexed data. Thanks, Ketan You haven't convinced me this is a good idea, but I would try this by defining a new datatype class in Python with a sniffer method which just checks for the executable bit (probably defined as a subclass of the binary datatype, see [1]) and then add this and its sniffer to the datatype XML file. Peter [1] https://bitbucket.org/galaxy/galaxy-central/src/default/lib/galaxy/datatypes/binary.py ___ Please keep all replies on the list by using reply all in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
Re: [galaxy-dev] datatype for executables
Hi Peter, Thanks for the advice. I was trying to say that the potential users for this case will run the tool on: 1. cloud instances that they own 2. PBS/Torque/SLURM interfaced HPC resources which they will have authenticated access to. This means that say in the worse case if some one chooses to run a forkbomb, it will only kill her own resource. In my opinion this is no less secure than say I wrap a forkbomb into a torque script and submit it to my department cluster. I am accountable and traceable to any harm I do this way. The benefit to users on the other hand will be that they can easily test their arbitrary applications to run on a larger scale via the task-parallelism provided by Swift. Once a user is satisfied with the behavior of her task on a compute node via Galaxy, she can follow our recipe which will concretize her implementation as a tool to be used in practice. Were there any scenarios you had in mind that would lead to security issues? Thanks, Ketan On Tue, Jan 28, 2014 at 4:17 PM, Peter Cock p.j.a.c...@googlemail.comwrote: On Tue, Jan 28, 2014 at 8:26 PM, Ketan Maheshwari ke...@mcs.anl.gov wrote: Is it possible to write a type file bin_or_exe which can detect the executable bit of data before they are part of Galaxy's indexed data. Thanks, Ketan You haven't convinced me this is a good idea, but I would try this by defining a new datatype class in Python with a sniffer method which just checks for the executable bit (probably defined as a subclass of the binary datatype, see [1]) and then add this and its sniffer to the datatype XML file. Peter [1] https://bitbucket.org/galaxy/galaxy-central/src/default/lib/galaxy/datatypes/binary.py -- Ketan ___ Please keep all replies on the list by using reply all in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
