Preventing path traversal in Golang

1 · Matouš Dzivjak · April 2, 2021, midnight
A new project surfaced in our company, unoriginally called IAP GCS proxy. As the name suggests, it is a small Golang proxy that provides IAP-restricted access to Google Cloud Storage buckets. Within minutes, one very interesting comment by Martin Bajanik, a senior application security engineer, appeared in the Slack thread and caught my attention: This might allow path traversal from the outside to traverse to a different bucket, which might be a problem if we ever reuse the same SA on two differ...