Comment 31 for bug 1453948

Reviewed: https://review.openstack.org/217254
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=410778b86a49702f80b734bdbf2480b86db342e2
Submitter: Jenkins
Branch: stable/kilo

commit 410778b86a49702f80b734bdbf2480b86db342e2
Author: Clay Gerrard <email address hidden>
Date: Thu Jul 23 22:36:21 2015 -0700

    Disallow unsafe tempurl operations to point to unauthorized data

    Do not allow PUT tempurls to create pointers to other data. Specifically
    disallow the creation of DLO object manifests by returning an error if a
    non-safe tempurl request includes an X-Object-Manifest header regardless of
    the value of the header.

    This prevents discoverability attacks which can use any PUT tempurl to probe
    for private data by creating a DLO object manifest and then using the PUT
    tempurl to head the object which would 404 if the prefix does not match any
    object data or form a valid DLO HEAD response if it does.

    This also prevents a tricky and potentially unexpected consequence of PUT
    tempurls which would make it unsafe to allow a user to download objects
    created by tempurl (even if they just created them) because the result of
    reading the object created via tempurl may not be the data which was uploaded.

    [CVE-2015-5223]

    Co-Authored-By: Kota Tsuyuzaki <email address hidden>

    Closes-Bug: 1453948

    Change-Id: I91161dfb0f089c3990aca1b4255b520299ef73c8