Comment 6 for bug 1354512

Feodor Tersin (ftersin) wrote :

Cloud service users are not known to keystone. They are regular users of web sites and other services which are launched in instances. So they don't have any cloud authorization property.

One should explicity request an image from Swift to get it. Moreover, there is no legal way to get the image url for cloud service users. But if he knows it, he can download the image.

I don't see any special comments in which added .r:*.

Of course, any cloud user can download a public image, and share it to all of the world. But it will be obvious action of a particular cloud user. Now the problem exists without any cloud user action (except compromising the image url).