surma/s3put

Remove default S3.Public on bucket object uploads


err := s.bucket.PutReader(key, item, item.Size, mime.TypeByExtension(filepath.Ext(item.Path)), s3.PublicRead)

Defaulting to a public ACL on a bucket object upload is not at all a secure practice. Preferably, object ACLs could be added via CLI options. If anything is hardcoded it should be BucketOwnerFullControl.
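
One way to implement the CLI option requested above, as an added example that is not s3put's own code. The `-acl` and `-allow-public` flags, the `resolveACL` helper and the local `ACL` type are hypothetical; the ACL names are S3's canned `x-amz-acl` values.

```go
package main

import (
	"flag"
	"fmt"
	"io"
	"os"
	"strings"
)

// ACL is a local stand-in for the S3 library's canned-ACL type (assumption).
type ACL string

// cannedACLs lists accepted canned ACLs; true marks those that grant access
// beyond the bucket and object owners (everyone, or any AWS account).
var cannedACLs = map[ACL]bool{
	"private":                   false,
	"bucket-owner-read":         false,
	"bucket-owner-full-control": false,
	"authenticated-read":        true,
	"public-read":               true,
	"public-read-write":         true,
}

// resolveACL parses the hypothetical -acl / -allow-public flags. With no
// flags it returns bucket-owner-full-control, so uploads are never public
// unless the operator asks for it twice.
func resolveACL(args []string) (ACL, error) {
	fs := flag.NewFlagSet("s3put", flag.ContinueOnError)
	fs.SetOutput(io.Discard)
	name := fs.String("acl", "bucket-owner-full-control", "canned ACL for uploads")
	allowPublic := fs.Bool("allow-public", false, "permit broadly readable ACLs")
	if err := fs.Parse(args); err != nil {
		return "", err
	}
	acl := ACL(strings.ToLower(strings.TrimSpace(*name)))
	broad, known := cannedACLs[acl]
	if !known {
		return "", fmt.Errorf("unknown canned ACL %q", *name)
	}
	if broad && !*allowPublic {
		return "", fmt.Errorf("ACL %q is broadly readable; add -allow-public", acl)
	}
	return acl, nil
}

func main() {
	acl, err := resolveACL(os.Args[1:])
	fmt.Println(acl, err) // the upload would pass acl instead of s3.PublicRead
}
```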