We are using Amazon S3 for images on our website, and users upload the images/files directly to S3 through our website. In our policy file we ensure it "begins-with" "upload/". Anyone is able to see the full URLs of these images, since they are publicly readable images after they are uploaded. Could a hacker come in and use the policy data in the JavaScript and the URL of the image to overwrite these images with their data? I see no way to prevent overwrites after uploading once. The only solution I've seen is to copy/rename the file to a folder that is not publicly writeable, but that requires downloading the image and then uploading it again to S3 (since Amazon can't really rename in place).

+1  A: 

If I understood you correctly, the images are uploaded to Amazon S3 storage via your server application. So only your application has the Amazon S3 write permission. Clients can upload images only through your application (which will store them on S3). A hacker can only force your application to upload an image with the same name and rewrite the original one.

How do you handle the situation when a user uploads an image with a name that already exists in your S3 storage? Consider the following actions:

  1. The first user uploads an image some-name.jpg
  2. Your app stores that image in S3 under the name upload-some-name.jpg
  3. A second user uploads an image some-name.jpg
  4. Will your application overwrite the original one stored in S3?
amra
A: 
Adam
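
As an added example (not code from either poster or from AWS), the sketch below contrasts a prefix-only POST policy like the one in the question with a per-upload policy that pins one server-chosen random key, which also avoids the name collision in the steps above. The bucket name, the lifetimes and the size limit are assumptions, and `policy_allows` is a simplified model of how S3 matches policy conditions.

```python
import secrets
from datetime import datetime, timedelta, timezone

BUCKET = "example-bucket"  # assumption: placeholder bucket name
FMT = "%Y-%m-%dT%H:%M:%SZ"


def weak_policy(now):
    """Policy like the one in the question: any key under upload/ is accepted."""
    return {
        "expiration": (now + timedelta(hours=24)).strftime(FMT),  # assumed lifetime
        "conditions": [{"bucket": BUCKET}, ["starts-with", "$key", "upload/"]],
    }


def pinned_policy(now, ext="jpg", max_bytes=5 * 1024 * 1024):
    """Per-upload policy: server-chosen random key, short lifetime, size limit."""
    key = f"upload/{secrets.token_hex(16)}.{ext}"
    policy = {
        "expiration": (now + timedelta(minutes=5)).strftime(FMT),  # assumed lifetime
        "conditions": [
            {"bucket": BUCKET},
            ["eq", "$key", key],
            ["content-length-range", 1, max_bytes],
        ],
    }
    return policy, key


def policy_allows(policy, fields, size, now):
    """Simplified model of S3's POST policy checks (not AWS code)."""
    expires = datetime.strptime(policy["expiration"], FMT).replace(tzinfo=timezone.utc)
    if now >= expires:
        return False
    for cond in policy["conditions"]:
        if isinstance(cond, dict):  # {"field": "value"} means exact match
            if any(fields.get(k) != v for k, v in cond.items()):
                return False
        elif cond[0] == "eq" and fields.get(cond[1].lstrip("$")) != cond[2]:
            return False
        elif cond[0] == "starts-with" and not fields.get(cond[1].lstrip("$"), "").startswith(cond[2]):
            return False
        elif cond[0] == "content-length-range" and not cond[1] <= size <= cond[2]:
            return False
    return True
```

The holder of a pinned policy can still re-upload to its own key until the policy expires, so the lifetime should stay short.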