| 1 | | This would be particularly useful for users of Tahoe-LAFS-on-S3, who are subject to charges for all data stored, and so could be charged more than they expect if they provide access to a read/write gateway. (In that case the gateway holds the S3 secrets, so provided those secrets are kept secure, attackers cannot store data in the user's S3 bucket other than via such a gateway.) |
| | 1 | This would be particularly useful for users of Tahoe-LAFS-on-S3, who are subject to charges for all data stored, and so could be charged more than they expect if they provide access to a read/write gateway. |
| | 2 | |
| | 3 | ~~(In that case the gateway holds the S3 secrets, so provided those secrets are kept secure, attackers cannot store data in the user's S3 bucket other than via such a gateway.)~~ |
| | 4 | |
| | 5 | Correction: the secrets are held on the storage server, and anyone with the introducer FURL can upload. Hmm. So we might also need to fix #860 and make the S3 introducer's FURL unguessable. |
