Comment 1 for bug 1485845

It is possible for the bulk middleware to create containers, so I could see a problem where a user could have write permissions to one container, and then somehow create others using bulk.. but in testing (using tempauth) I can't thanks to tempauth's swift.autherize method that gets run each time on the proxy for each request.

Will have to experiment with keystone to see if it's possible to do it there. But seeing as both use swift.authorize methods that will be run in the proxy app, it may not matter where it lives in the pipeline.