affects OMERO versions 5.2.7 and earlier
Users even without permission could still delete official scripts even though they got an error when they tried.
The ordering of statements in the script service was such that the underlying file on the filesystem could be removed before model object permissions on the original file were checked. The fix was to move some code forward from the light admin work that adds extra permissions checking to the script service so that a "have I permission to delete this OriginalFile?" check is made before launching into anything that touches the filesystem.
OMERO.server up to and including 5.2.7.
All scripts could be removed.
None
All OMERO.servers should be upgraded to at least 5.2.8.
© 2005-2024 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 4.0 International License
OME source code is available under the GNU General public license or more permissive open source licenses, or through commercial license from Glencoe Software Inc.
OME, Bio-Formats, OMERO, IDR and their associated logos are trademarks of Glencoe Software Inc., which holds these marks to protect them on behalf of the OME community.
[ Site Map ]
Version: 2024.04.18