阅读背景:

用户可以在没有策略的情

来源:互联网 

We have an application that is somehow able to list the contents of an S3 bucket even though there is no policy on the bucket. Based on my understanding of s3, it should default to deny and this not be the case. Is there another way this could be happening. The application is doing a simple curl to the endpoint, not passing any credentials.We have an application that is somehow able to




你的当前访问异常,请进行认证后继续阅读剩余内容。

分享到: