[Cyberduck-trac] [Cyberduck] #9322: S3 ACLs can't be changed in third-party buckets (due to incorrect Owner specification?)
Cyberduck
trac at trac.cyberduck.io
Fri Mar 4 20:05:33 UTC 2016
#9322: S3 ACLs can't be changed in third-party buckets (due to incorrect Owner
specification?)
------------------------+------------------------------
Reporter: bretmartin | Owner: dkocher
Type: defect | Status: assigned
Priority: normal | Milestone: 5.0
Component: s3 | Version: Nightly Build
Severity: normal | Resolution:
Keywords: | Architecture:
Platform: |
------------------------+------------------------------
Comment (by dkocher):
When querying the ACL for the bucket `bretmartin-cyberduck-
trac-9322.s3.amazonaws.com` with `GET /?acl HTTP/1.1` I get
{{{
<?xml version="1.0"?>
<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Owner>
<ID>ea495239f890028c88eb505804ee843a3c4b6eaa0f7033702baa21ddcebe7e00</ID>
<DisplayName>bam</DisplayName>
</Owner>
<AccessControlList>
<Grant>
<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="CanonicalUser">
<ID>ea495239f890028c88eb505804ee843a3c4b6eaa0f7033702baa21ddcebe7e00</ID>
</Grantee>
<Permission>FULL_CONTROL</Permission>
</Grant>
</AccessControlList>
</AccessControlPolicy>
}}}
When trying to read the existing ACL on the file `test.txt` in the bucket
we get a `403` permission failure. Therefore when updating the ACL where
the `Owner` element must always be set the best thing to do is to use the
known owner from the bucket.
--
Ticket URL: <https://trac.cyberduck.io/ticket/9322#comment:8>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list