You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Toil uses a make_public_dir() function to make world-writable directories to use as temp directories in the worker and the file store implementations, like this:
It's clear that we intended to do this. It's not clear to me why we intended to do this (maybe to solve Docker-related permission issues?), or that it's actually necessary. It's definitely a good way to have security problems in a multi-tenant environment.
We should stop doing this.
┆Issue is synchronized with this Jira Story
┆Issue Number: TOIL-1564
The text was updated successfully, but these errors were encountered:
Toil uses a
make_public_dir()
function to make world-writable directories to use as temp directories in the worker and the file store implementations, like this:toil/src/toil/fileStores/nonCachingFileStore.py
Line 105 in 115be67
It's clear that we intended to do this. It's not clear to me why we intended to do this (maybe to solve Docker-related permission issues?), or that it's actually necessary. It's definitely a good way to have security problems in a multi-tenant environment.
We should stop doing this.
┆Issue is synchronized with this Jira Story
┆Issue Number: TOIL-1564
The text was updated successfully, but these errors were encountered: