whbing commented on PR #4559: URL: https://github.com/apache/ozone/pull/4559#issuecomment-1546533608
An issue in previous commits are that when performing a `key READ` operation , even if the source bucket has READ permission, the link bucket READ permission will also be checked, which could result in `PERMISSION_DENIED`. So, `link bucket acl` is designed similar to `Linux POSIX symbolic` which has `777` permissions. Be relatively cautious, `link bucket acl` is authorized with `world::rw` permissions by default (maybe `world::a` better?). If there is a link bucket in an older version, you need to first authorize the link bucket with `world::rw` before introducing this patch. Alternatively, you can delete and recreate the link bucket after introducing this patch. The above content has been completed and `CI` passed on my branch. @ChenSammi PTAL, Thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
