You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Attila Doroszlai (Jira)" <ji...@apache.org> on 2022/07/02 06:59:00 UTC

[jira] [Commented] (HDDS-6942) Ozone Bucket/objects created via S3 should not allow group access by default

    [ https://issues.apache.org/jira/browse/HDDS-6942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17561716#comment-17561716 ] 

Attila Doroszlai commented on HDDS-6942:
----------------------------------------

The PR for this issue was merged into {{master}}, but keeping this open for sub-tasks.

https://github.com/apache/ozone/commit/c5e374544cad1244d28cd6b4c579dd77bc0a3e43

> Ozone Bucket/objects created via S3 should not allow group access by default
> ----------------------------------------------------------------------------
>
>                 Key: HDDS-6942
>                 URL: https://issues.apache.org/jira/browse/HDDS-6942
>             Project: Apache Ozone
>          Issue Type: Bug
>            Reporter: Ritesh H Shukla
>            Priority: Major
>              Labels: pull-request-available
>
> The permission model backing buckets follow unix semantics and users who are in the same group can read others' buckets by default. This was tested against Native Authorizer
> This is not intuitive for S3 APIs and by default, the permission applied should not allow read by users of the same group. Currently, any bucket created is readable by all users in the same group.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org