MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: information disclosure bug in preconditions GET (#19810)

Browse Source 
precondition check was being honored before, validating
if anonymous access is allowed on the metadata of an
object, leading to metadata disclosure of the following
headers.

```
Last-Modified
Etag
x-amz-version-id
Expires:
Cache-Control:
```

although the information presented is minimal in nature,
and of opaque nature. It still simply discloses that an
object by a specific name exists or not without even having
enough permissions.
This commit is contained in:
Harshavardhana
2024-05-27 12:17:46 -07:00
committed by GitHub
parent 9d20dec56a
commit e0fe7cc391
19 changed files with 90 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/distributed/decom-compressed-sse-s3.sh
View File

@@ -148,8 +148,6 @@ if [ $ret -ne 0 ]; then
exit 1
fi
go install -v github.com/minio/minio/docs/debugging/s3-check-md5@latest
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
kill $pid

6
docs/distributed/decom-encrypted-kes.sh
View File

@@ -238,10 +238,8 @@ if [ $ret -ne 0 ]; then
exit 1
fi
go install -v github.com/minio/minio/docs/debugging/s3-check-md5@latest
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned-1
./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned-1
kill $pid
kill $kes_pid

4
docs/distributed/decom-encrypted-sse-s3.sh
View File

@@ -158,8 +158,6 @@ if [ $ret -ne 0 ]; then
exit 1
fi
go install -v github.com/minio/minio/docs/debugging/s3-check-md5@latest
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
kill $pid

4
docs/distributed/decom-encrypted.sh
View File

@@ -144,8 +144,6 @@ if [ "${expected_checksum}" != "${got_checksum}" ]; then
exit 1
fi
go install -v github.com/minio/minio/docs/debugging/s3-check-md5@latest
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
./s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned
kill $pid

2
docs/distributed/decom.sh
View File

@@ -212,8 +212,6 @@ if [ "${expected_checksum}" != "${got_checksum}" ]; then
exit 1
fi
go install -v github.com/minio/minio/docs/debugging/s3-check-md5@latest
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket bucket2
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned