Hi, In tempurl middleware of Swift there is an hmac signature calculated with keys stored in account meta data attributes temp-url-key', 'temp-url-key-2' (see the function get_tempurl_keys_from_metadata in swift/common/middleware/tempurl.py). The generated signature allows access to the resources with URLs like https://swift-cluster.example.com/v1/AUTH_account/container/object?temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&temp_url_expires=1323479485 . It seems that keeping the keys un-encrypted as part of the account info is a security vulnerability which allows anyone who can read the account meta data to generate and fake temp urls. Shouldn't we protect the keys used to calculate the hmac, either through encryption or by limiting their visibility? Best Regards, Alex. ---------------------------------------------------------- Alexandra Shulman-Peleg, PhD Storage Research, Cloud Platforms IBM Haifa Research Lab Tel: +972-3-7689530 | Fax: +972-3-7689545 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20130828/8d92886c/attachment.html>