- an account owner "test:tester" creates a container "secret" with some data in it
- the account owner creates another container "other" and sets a container temp url key on it and a r/w ACL for user test:tester3
Now user test:tester3 can create a DLO in container "other" and uses a tempurl to access the data in container "secret". Of course the object names need to be known in advance to access them.
I think this is not wanted. To me the best option seems to be to check if the used *container* temp url key is in the same container like the *SLO. This wouldn't change existing behavior for account container keys.
The following works for me:
- an account owner "test:tester" creates a container "secret" with some data in it
- the account owner creates another container "other" and sets a container temp url key on it and a r/w ACL for user test:tester3
Now user test:tester3 can create a DLO in container "other" and uses a tempurl to access the data in container "secret". Of course the object names need to be known in advance to access them.
I think this is not wanted. To me the best option seems to be to check if the used *container* temp url key is in the same container like the *SLO. This wouldn't change existing behavior for account container keys.