Y
Hacker News
new
|
ask
|
show
|
jobs
by
remram
659 days ago
They trust their AWS EC2 instance doing the processing but not their AWS S3 bucket doing the storing? I don't really understand the threat model here.
And what's "
public
bucket"?
2 comments
geekodour
659 days ago
So the model here is, first it gets uploaded to a staging bucket, a lambda/callback checks the validity of the file and then puts it into a safe bucket of which content I trust to put in my server(backend)
link
remram
659 days ago
I think maybe you are using the word "tampered" in an unusual way? To mean unsafe?
link
geekodour
659 days ago
ah apologies again, for this specific one i meant where users from the internet are allowed to upload to. (i am using presigned urls)
link