Hi Cephers,
Recently when I did some tests of rgw functions I found that the swift key of a subuser is kept after removing the subuser. As a result, this subuser-swift_key pair can still pass authentication system and get an auth-token (without any permission though). Moreover, if we create a subuser with the same name later, the swift key becomes valid again. I know we can actually delete the key by explicitly specifying '--purge-keys', just curious why it is not set as default.
Any thought or comment?
P.S. You may find more information on ceph tracker: http://tracker.ceph.com/issues/12890
Best Regards,
Sangdi Xu
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
