You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to this article, just knowing the name of a bucket, regardless of the bucket being private or public, issuing an unauthorized PUT request will charge the bucket owner.
At the moment, it seems that only making it difficult for attackers to know the bucket name is the only action we can take. That's why we suggest using a random suffix on the bucket name, which is one the recommendations the article makes.
The text was updated successfully, but these errors were encountered:
Describe the Feature
According to this article, just knowing the name of a bucket, regardless of the bucket being private or public, issuing an unauthorized PUT request will charge the bucket owner.
At the moment, it seems that only making it difficult for attackers to know the bucket name is the only action we can take. That's why we suggest using a random suffix on the bucket name, which is one the recommendations the article makes.
The text was updated successfully, but these errors were encountered: