User Story #988 (closed)
File corruptions/immutability guarantees under OmeroFs
|scripting, security, trust
|Total Remaining Time:
|Estimated Remaining Time:
The sha1 is currently computed on import (and should be by all clients). In Beta4, my plan was to have the server check all uploads against the sha1 and throw an exception if they don't match. This is important both for noticing physical corruption and tampering with scripts.
However, if files are mutable, then the sha1 isn't worth its wait in hex. Which means I was also going to suggest the romio library support some sort of UNFINISHED and IMMUTABLE flags. Not sure what that entire workflow would look like, or if it would be necessary on all files, but now with OmeroFs it's even a bit more complicated.
One possible solution would be to allow "snapshots" of OmeroFs files. This would let users keep their files mutable, but once they left the UNFINISHED status, the server could take a snapshot if they were used in a particular way, e.g. an administrator marking them as "trusted" for scripting. The question becomes which OriginalFile entries do the clients work with: the OmeroFs one or the snapshot.
./omerofs --add /my/trusted/path --trusted --snapshots
I realize this is getting away from the original purpose of OmeroFs which was to prevent data/file duplication, but since OmeroFs functionality may become very popular, we need to make sure we can still control the data to some extent when necessary.
Change History (6)
comment:1 Changed 15 years ago by cblackburn
- Milestone changed from OMERO-Beta4 to Future
- Status changed from new to assigned