Auto-extract feature of bulk.py can bypass quota settings
Bug #1201844 reported by
Steve Mayer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Undecided
|
Chmouel Boudjnah |
Bug Description
When using the archive auto-extract feature of the bulk.py module, it is possible to blow out the account and/or container quotas that might be configured.
Once the initial size of the archive to be uploaded passes the quota checks, nothing is done to ensure that the expanded size of the archive contents also meets quota restrictions. This allows for the opportunity of blowing the quota by quite a bit depending on the contents of the archive.
Using Swift 1.8.0 release.
Changed in swift: | |
milestone: | none → 1.9.1 |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is only true if the bulk middleware is after the quota middleware in the proxy pipeline. The bulk middleware should always be to the left of ratelimiting, auth, quota middleware, etc so that every subrequest is handled properly and restrictions are maintained.