Comment 27 for bug 1449212

Richard Hawkins (richard-hawkins) wrote :

Hi Jeremy,

I think in addition, the discussions that resulted in me reporting this bug exposed a second vulnerability with account level temp URLs that has been around for a while.

Where someone with an account-level PUT temp URL could potentially probe for existing objects by creating a DLO that references other containers/objects and HEADing the DLO created. If they had a pair of account-level PUT/GET temp URLs, they could additionally retrieve data from any object found.

I am not sure who first figured it out, but Sam Merritt was I think the first person to explain it such that I understood this aspect of it.