noobaa-core
NSFS | NC | Bucket owner & Principal of bucket policies should be ids and not email/name
Environment info
- NooBaa Version: master
- Platform: NC
Actual behavior
- Bucket policy principal identified by account name. An account with a specific name can be deleted. In the future someone can create a different account with the same specific name, and the bucket policy will refer to the new account. This might confuse or even cause a security issue.
- bucket_owner is identified by account email, although the security issue from bullet 1 couldn't happen because we are blocking deletion of accounts that own buckets. This property should also be considered for deprecation, and in some flows we should use owner_account, which is an id, instead.
Expected behavior
- foreign keys between bucket and account should be random ids.
Steps to reproduce
Bucket policy issue -
- create an account, let's call it account1.
- create a bucket while specifying a bucket policy that allows account1 to run all s3 commands on this bucket.
- delete account1.
- create a new account having the same name.
- run s3 commands using the new account identified by the name account1 without access denial issues.
More information - Screenshots / Logs / Other output
In NSFS NC - When someone is assigned to this issue, please also add a test for the scenario mentioned in #7797
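The reproduction steps above as a minimal model, comparing a policy principal matched by account name with one matched by a random id. This is an added example, not NooBaa code: `AccountStore`, `build_policy`, `is_allowed`, `stale_principals`, `replay` and the `principal_key` field are hypothetical names, and the bucket ARN is constructed.

```javascript
const { randomUUID } = require('crypto');

// Hypothetical in-memory account store; not NooBaa's on-disk config layout.
class AccountStore {
    constructor() { this.accounts = new Map(); } // name -> account
    create(name) {
        if (this.accounts.has(name)) throw new Error(`account ${name} already exists`);
        const account = { _id: randomUUID(), name };
        this.accounts.set(name, account);
        return account;
    }
    delete(name) { this.accounts.delete(name); }
    list() { return [...this.accounts.values()]; }
}

// key: 'name' models the behavior reported in the issue, '_id' the expected one.
function build_policy(account, key) {
    return {
        principal_key: key,
        Statement: [{
            Effect: 'Allow',
            Principal: { AWS: [account[key]] },
            Action: ['s3:*'],
            Resource: ['arn:aws:s3:::bucket1/*'], // constructed sample bucket
        }],
    };
}

function is_allowed(policy, requester) {
    const principal = requester[policy.principal_key];
    return policy.Statement.some(s => s.Effect === 'Allow' && s.Principal.AWS.includes(principal));
}

// Principals in the policy that match no live account: candidates for cleanup.
function stale_principals(policy, store) {
    const live = new Set(store.list().map(a => a[policy.principal_key]));
    return policy.Statement.flatMap(s => s.Principal.AWS).filter(p => !live.has(p));
}

// Replays the issue's steps: create, grant, delete, re-create under the same name.
function replay(key) {
    const store = new AccountStore();
    const original = store.create('account1');
    const policy = build_policy(original, key);
    store.delete('account1');
    const recreated = store.create('account1');
    return { allowed: is_allowed(policy, recreated), stale: stale_principals(policy, store).length };
}
console.log('name:', replay('name'), '_id:', replay('_id'));
```

With name matching the re-created account inherits the grant and the policy shows no stale principal; with id matching the grant does not carry over and the orphaned principal is detectable.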
This issue had no activity for too long - it will now be labeled stale. Update it to prevent it from getting closed.
Updating for stale bot, still not fixed. Will be addressed soon as part of the IAM effort.