mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 03:16:41 +08:00
a98d2a8086
AWS recommends running buckets without ACLs, and to use resource policies to manage access control instead. This is not a bad idea, because S3 ACLs are whack, and while resource policies are also whack, they're a more constrained form of whack. Further, some compliance regimes get antsy if you don't go with the vendor's recommended settings, and arguing that you need to enable ACLs on a bucket just to store images in there is more hassle than it's worth. The new site setting (s3_use_acls) cannot be disabled when secure uploads is enabled -- the latter relies on private ACLs for security at this point in time. We may want to reexamine this in future. |
||
|---|---|---|
| .. | ||
| backup_file_handler.rb | ||
| backup_store.rb | ||
| backuper.rb | ||
| database_restorer.rb | ||
| factory.rb | ||
| local_backup_store.rb | ||
| logger.rb | ||
| meta_data_handler.rb | ||
| restorer.rb | ||
| s3_backup_store.rb | ||
| system_interface.rb | ||
| uploads_restorer.rb | ||