Also, please note that swift_owner_headers don't include "web-listings". Depending on the used auth middleware and implementation of a Swift owner it might be possible for a non-owner to enable web-listings, though read-acls are not editable by that user and thus leading to an information leakage.
Also, please note that swift_owner_headers don't include "web-listings". Depending on the used auth middleware and implementation of a Swift owner it might be possible for a non-owner to enable web-listings, though read-acls are not editable by that user and thus leading to an information leakage.
https:/ /github. com/openstack/ swift/blob/ master/ etc/proxy- server. conf-sample# L204-L207 /github. com/openstack/ swift/blob/ master/ swift/proxy/ controllers/ container. py#L182- L184
https:/
However, afair this doesn't apply to tempauth and keystoneauth.