Open bess opened 3 days ago
The owner of the PDC files is aws-0003
The owner of all of the other files I checked is also aws-0003
Since all files have the same owner, and that owner can read and write their own files, I believe that anyone who can authenticate to the pulibrary AWS account can delete PDC files or buckets.
To fix this, we need to set permissions policy at the bucket level. Currently, there is no ACL policy in place.
User story
As an organization that runs a trusted digital repository, I want to ensure that files can't be deleted by unauthorized users, and can't easily be deleted accidentally. However, on 30 September 2024 the team learned that our checksum files had been deleted. They were deleted more than 30 days ago, so we cannot restore them. We do not have any record of who deleted them or why, and we have no reason to think this can't happen again. Also, if this can happen to our checksum files, we think it could also happen to actual research data.
Acceptance criteria