couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Security_Features_Overview" by jchrisa
Date Mon, 28 Jun 2010 19:00:24 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by jchrisa.
The comment on this change is: corrected misleading info about empty admins list on security
document.
http://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=12&rev2=13

--------------------------------------------------

  
  Note that security objects are not regular versioned documents (that is, they are not under
MVCC rules). This is a design choice to speedup authorization checks (avoids traversing a
database's documents B-Tree).
  
- If both the names and roles fields of either the admins or readers properties are empty
arrays, it means the database has no admins or readers. Having no admins, any user has all
the privileges associated to a database. Having no readers, any user can write regular documents
(any non-design document) and read documents from the database.
+ If both the names and roles fields of either the admins or readers properties are empty
arrays, it means the database has no admins or readers. Having no admins, only server admins
(with the reserved _admin role) are able to update design document and make other admin level
changes. Having no readers, any user can write regular documents (any non-design document)
and read documents from the database.
  
  '''Note:''' If there are any reader names or roles defined for a database, then only authenticated
users having a matching name or role are allowed to read documents from the database (or do
a GET /db_name/ call).
  

Mime
View raw message