RGW: allow user disabling presigned urls in rgw configuration#56044
RGW: allow user disabling presigned urls in rgw configuration#56044
Conversation
Fixes: https://tracker.ceph.com/issues/64797 Signed-off-by: Marc Singer <marc@singer.services>
Signed-off-by: Marc Singer <marc@singer.services>
cbodley
left a comment
cbodley
left a comment
There was a problem hiding this comment.
looks great. a lab outage is preventing the checks from running. we'll want to make sure the builds/tests succeed before starting qa
|
would there be some documentation on what the security concerns are? if not, is this something we can document as a part of this configuration? (ie a use case where cluster admins might want to disable pre-signed urls) |
What we encountered was that pre-signed urls allowed users to bypass the bucket policies in our version, see https://lists.ceph.io/hyperkitty/list/ceph-users@ceph.io/thread/HVLFGODPWVICWGQGD3IEEBDPK7RXZ7CA/#XL3DH52HSDWN47PLBKKPNXQNQ2QVYGUB |
|
jenkins test this please |
|
jenkins please test again |
We have special error handling for these cases but we don't check the negative value of the error so it instead gets caught as an error not defined with a response and throws a http 500. This was implement by [1] and the same way done with [2]. [1] ceph#55371 [2] ceph#56044 Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
We have special error handling for these cases but we don't check the negative value of the error so it instead gets caught as an error not defined with a response and throws a http 500. This was implement by [1] and the same way done with [2]. [1] ceph#55371 [2] ceph#56044 Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
We have special error handling for these cases but we don't check the negative value of the error so it instead gets caught as an error not defined with a response and throws a http 500. This was implement by [1] and the same way done with [2]. [1] ceph#55371 [2] ceph#56044 Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
We have special error handling for these cases but we don't check the negative value of the error so it instead gets caught as an error not defined with a response and throws a http 500. This was implement by [1] and the same way done with [2]. [1] ceph#55371 [2] ceph#56044 Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
3 participants
Fixes: https://tracker.ceph.com/issues/64797
For security reasons we would like to disallow presigned urls in our S3 cluster.
This is a patch allowing us to set the configuration value
rgw_s3_auth_disable_signature_urlin the rgw config to disable presigned URLs in the cluster.Checklist
Show available Jenkins commands
jenkins retest this pleasejenkins test classic perfjenkins test crimson perfjenkins test signedjenkins test make checkjenkins test make check arm64jenkins test submodulesjenkins test dashboardjenkins test dashboard cephadmjenkins test apijenkins test docsjenkins render docsjenkins test ceph-volume alljenkins test ceph-volume toxjenkins test windowsjenkins test rook e2e