Bug #38523
closedI can delete a public-read-write bucket which is belong to other user, is this right?
0%
Description
I can delete a public-read-write bucket which is belong to other user,But the below table definition is can write or delete objects in the bucket.
So is this right?
Permission Bucket Object
READ Grantee can list the objects in the bucket. Grantee can read the object.
WRITE Grantee can write or delete objects in the bucket. N/A
READ_ACP Grantee can read bucket ACL. Grantee can read the object ACL.
WRITE_ACP Grantee can write bucket ACL. Grantee can write to the object ACL.
FULL_CONTROL Grantee has full permissions for object in the bucket. Grantee can read or write to the object ACL.
Updated by liang sibin about 5 years ago
ceph -v
ceph version 12.2.5 (cad919881333ac92274171586c827e01f554a70a) luminous (stable)
Updated by Adam Emerson about 5 years ago
- Status changed from New to In Progress
- Target version set to v15.0.0
- Source set to Community (user)
This is the correct behavior, but I'll update the documentation with the exact mapping between S3 operations and ACL permissions.
Amazon considers ACLs deprecated and suggests the use of bucket policy. It lets you specify much finer control over exactly which operations are supported.
Updated by Adam Emerson about 5 years ago
- Status changed from In Progress to Fix Under Review
- Pull request ID set to 26827
Documentation updated in: https://github.com/ceph/ceph/pull/26827
Updated by Casey Bodley about 5 years ago
- Status changed from Fix Under Review to Pending Backport
- Backport set to luminous mimic
Updated by Nathan Cutler about 5 years ago
- Copied to Backport #38667: luminous: I can delete a public-read-write bucket which is belong to other user, is this right? added
Updated by Nathan Cutler about 5 years ago
- Copied to Backport #38668: mimic: I can delete a public-read-write bucket which is belong to other user, is this right? added
Updated by Nathan Cutler about 5 years ago
- Status changed from Pending Backport to Resolved