[DAS] Re: DAS security
Ewan Birney
birney at ebi.ac.uk
Tue Sep 23 07:13:05 EDT 2003
On Tuesday, September 23, 2003, at 12:08 pm, James Stalker wrote:
> On Tue, Sep 23, 2003 at 11:42:18AM +0100, Neil Walker wrote:
>> Tony Cox wrote:
>>
>>> Since it has always been an open source/data project we have not
>>> engineered a
>>> system for hiding some data form a subset of users.
>>
>> I had this same discussion with the Mart team last week with regard a
>> distributed Mart. I think the issue with Ensembl being Open Source is
>> that you can't hack the client code to hide your data from a paricular
>> class of user, as someone can always download an unhacked version from
>> CVS.
>
> Well, for the website, the issue is more that you don't provide the
> client, so can't do a thing about it, opensource or not. It is also
> generally true that you can never trust the client in a client-server
> app.
>
Right. The open-source-ness of the client doesn't change the fact that
a client
communicates with a port.
data slicing with tight user-authentication for slices is not a major
driver for the
Ensembl code base - As Jim says, people who have non-disruptive,
sensible
ways of handling different users are welcome to contribute...
(if someone really wants to do this we can consider having you work on
campus
for a while - this why you can have a high-bandwidth conversation with
developers
directly rather than bouncing email around).
More information about the DAS
mailing list