commit 415bbc74aacd53a120e54a663e941b1809982dbd
Author: Harshavardhana <harsha@minio.io>
Date: Tue Oct 12 13:18:02 2021 -0700
checkKeyValid() should return owner true for rootCreds (#13422)
Looks like policy restriction was not working properly
for normal users when they are not svc or STS accounts.
- svc accounts are now properly fixed to get
right permissions when its inherited, so
we do not have to set 'owner = true'
- sts accounts have always been using right
permissions, do not need an explicit lookup
- regular users always have proper policy mapping
Impact
All users on release RELEASE.2021-10-10T16-53-30Z are affected.
Patches
Users should upgrade to RELEASE.2021-10-13T00-23-17Z if they have upgraded to RELEASE.2021-10-10T16-53-30Z to mitigate this problem.
Workarounds
Users should upgrade to RELEASE.2021-10-13T00-23-17Z
References
For more information
If you have any questions or comments about this advisory: