Actions
Bug #18596
openrgw: object owner should not be able to download the obj without container permission in swift API
Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
rgw
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
1. user1 grant user2 the container write permission
2. user2 upload the object in user1's container with container write permission
3. user1 remove the user2's write permission on the container.
4. user2 can still download the uploaded object without container read permission
which is not consistent with the openstack swift.
Updated by Yehuda Sadeh almost 7 years ago
- Subject changed from object owner should not be able to download the obj without container permission in swift API to rgw: object owner should not be able to download the obj without container permission in swift API
Not quite. There are a set of permissions that will do that, however, if these permissions are not set then users will be able to read objects. We don't want to have different permissions when user goes through either swift or s3.
Actions