forked from TrueCloudLab/distribution
26d8344872
In the S3 storage driver there is currently an initial access permission check by listing the bucket. If this check fails, registry will panic and exit. However, this check is broken in two ways. First of all it strips the final slash from the root directory path, meaning that any access permissions which limit access to a single directory will fail, because S3 treats the path as strict prefix match. Secondly it fails to strip any leading slash that might be present, unlike the other access places, which means that the path used is different as a leading slash is allowed and significant in a filename in S3. Since there is also a periodic health check which correctly checks access permissions and shows the error more cleanly, the best solution seems to be to just remove this initial access check. Signed-off-by: Nuutti Kotivuori <nuutti.kotivuori@poplatek.fi> |
||
---|---|---|
.. | ||
api | ||
auth | ||
client | ||
handlers | ||
listener | ||
middleware | ||
proxy | ||
storage | ||
doc.go | ||
registry.go |