Amazon S3为每个对象创建唯一的密钥 [英] Amazon S3 creating unique keys for every object

问题描述

我的应用程序用户将他们的文件上传到一个存储桶。我怎样才能确保我的S3存储桶中的每个对象都有一个唯一的密钥，以防止对象被覆盖？

目前我正在使用随机字符串加密文件名我的PHP脚本之前发送文件到S3。

为了便于讨论，我们假设上传者找到一种方法来操纵上传文件名。他希望将我网站上的所有图片替换为香蕉。如果加密失败，防止在S3中覆盖文件的好方法是什么？

编辑：我不认为版本控制是可行的，因为我无法指定版本号在显示图片时显示图片的URL。

解决方案

你是加密还是哈希？如果你正在使用md5或sha1哈希，攻击者可以很容易地发现一个哈希碰撞，让你滑在香蕉皮上。如果您在没有随机初始化向量的情况下进行加密，攻击者可能会在上传几百个文件后推断出您的密钥，而加密可能不是最好的方法。这是昂贵的计算，很难实现，你可以得到一个更安全的机制，这个工作用很少的努力。

如果你预先给每个文件名随机字符串，使用合理可靠的熵源，你不应该有任何问题，但你应该检查文件是否已经存在。虽然使用 S3 :: GetObject 来编写一个循环来检查，并且生成一个新的随机字符串，对于几乎不需要运行的东西来说，几乎从不意味着最终发生的可能性很高。

My app users upload their files to one bucket. How can I ensure that each object in my S3 bucket has a unique key to prevent objects from being overwritten?

At the moment I'm encrypting filenames with a random string in my php script before sending the file to S3.

For the sake of the discussion let's suppose that the uploader finds a way to manipulate the filename on upload. He wants to replace all the images on my site with a picture of a banana. What is a good way to prevent overwriting files in S3 if encryption fails?

Edit: I don't think versioning will work because I can't specify a version id in an image URL when displaying images from my bucket.

解决方案

Are you encrypting, or hashing? If you are using md5 or sha1 hashes, an attacker could easily find a hash collision and make you slip on a banana skin. If you are encrypting without a random initialization vector, an attacker might be able to deduce your key after uploading a few hundred files, and encryption is probably not the best approach. It is computationally expensive, difficult to implement, and you can get a safer mechanism for this job with less effort.

If you prepend a random string to each filename, using a reasonably reliable source of entropy, you shouldn’t have any issues, but you should check whether the file already exists anyway. Although coding a loop to check, using S3::GetObject, and generate a new random string might seem like a lot of effort for something that will almost never need to run, "almost never" means it has a high probability of happening eventually.

这篇关于Amazon S3为每个对象创建唯一的密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！