You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Ritesh H Shukla (Jira)" <ji...@apache.org> on 2022/06/23 22:45:00 UTC

[jira] [Created] (HDDS-6942) Buckets created via S3 should not allow read access for users in same group

Ritesh H Shukla created HDDS-6942:
-------------------------------------

             Summary: Buckets created via S3 should not allow read access for users in same group
                 Key: HDDS-6942
                 URL: https://issues.apache.org/jira/browse/HDDS-6942
             Project: Apache Ozone
          Issue Type: Bug
            Reporter: Ritesh H Shukla


The permission model backing buckets follow unix semantics and users who are in the same group can read others' buckets by default. This was tested against Native Authorizer

This is not intuitive for S3 APIs and by default, the permission applied should not allow read by users of the same group. Currently, any bucket created is readable by all users in the same group.

 

ToDo:
 # Test behavior when using Ranger
 # Add smoke tests 

 



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org