Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You only need the bucket name to do that. You should include a randomly generated prefix/suffix in bucket names to prevent against such enumeration attempts. Another good idea (as well as, not instead of) is to expose objects in buckets publicly with a non-default host name, such that the bucket name isn’t leaked at all.


Or, for read scenarios, putting a CloudFront distribution in front of the bucket!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: