Project

General

Profile

Actions
Copy link

Bug #17175

open

when setting payer of bucket to Requester, the ceph also could get object by anonymous account.

Added by wenjun jing over 7 years ago. Updated almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
% Done:

0%

Source:
other
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

When setting bucket's payer to requester, anonymous account could also get object by setting the value of optional parameter RequestPayer to requester. This action is not allowed in AWS S3. If the optional parameter is not set, the phenomenon is the same as AWS S3. As a matter of fact, the access to get object by anonymous account is not denied.

The blow is the get object API of boto3 and the last parameter is optional.
get_object(Bucket=bucket_name, Key=key, RequestPayer=requester)

Actions
Copy link
 #1

Updated by Sage Weil almost 7 years ago

  • Project changed from Ceph to rgw
Actions
Copy link

Also available in: Atom PDF