[
https://issues.apache.org/jira/browse/HDDS-14898?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Fabian Morgan updated HDDS-14898:
---------------------------------
Description: Currently, there are no acl checks in the S3 ListParts
implementation. This affects STS because, for example, if a token is scoped to
have only PutObject access, the token can also call ListParts because there are
no acl checks. This ticket adds the acl checks for the base S3 apis. (was:
Currently, there are no acl checks in the S3 ListParts implementation. This
affects STS because, for example, if a token is scoped to have only PutObject
access, the token can also call ListParts because there are no acl checks.
This ticket adds the acl checks for STS requests because it is unclear how many
users would be affected if acl checks were added to the base S3 apis.)
> [STS] Fix Latent S3 API Issue having No Acl Check for ListParts
> ---------------------------------------------------------------
>
> Key: HDDS-14898
> URL: https://issues.apache.org/jira/browse/HDDS-14898
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: Fabian Morgan
> Assignee: Fabian Morgan
> Priority: Major
> Labels: pull-request-available
> Fix For: 2.2.0
>
>
> Currently, there are no acl checks in the S3 ListParts implementation. This
> affects STS because, for example, if a token is scoped to have only PutObject
> access, the token can also call ListParts because there are no acl checks.
> This ticket adds the acl checks for the base S3 apis.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
