Y
Hacker News
new
|
ask
|
show
|
jobs
by
verdverm
652 days ago
Sounds like they amay be accepting user PDFs, saving them to a bucket, and then doing processing after.
1 comments
remram
652 days ago
They trust their AWS EC2 instance doing the processing but not their AWS S3 bucket doing the storing? I don't really understand the threat model here.
And what's "
public
bucket"?
link
geekodour
652 days ago
So the model here is, first it gets uploaded to a staging bucket, a lambda/callback checks the validity of the file and then puts it into a safe bucket of which content I trust to put in my server(backend)
link
remram
652 days ago
I think maybe you are using the word "tampered" in an unusual way? To mean unsafe?
link
geekodour
652 days ago
ah apologies again, for this specific one i meant where users from the internet are allowed to upload to. (i am using presigned urls)
link
And what's "public bucket"?