couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cottlehuber <d...@muse.net.nz>
Subject Re: Configuration Load Order
Date Wed, 17 Aug 2011 14:30:47 GMT
On 18 August 2011 00:47, Robert Newson <rnewson@apache.org> wrote:
> Oh, that's not what I'm +1 for then.
>
> I specifically mean that passwords are never held in any .ini file,
> but instead in a separate password file that contains nothing but
> passwords, and never plaintext passwords either. It is updated with a
> script which takes username and password, crunches it, and writes it
> to the file. I used 'htpasswd' as shorthand for all of the above but
> clearly was too terse, sorry.

+1 to htpasswd. self-mutilation is not a good look & contravenes
principle of least surprise.

> I quite like your proposal too, though, where only bootstrapping
> (database_dir, etc) are in config and the rest can be read from a
> special _config database (thus eliminating any manual alterations from
> outside _config).
>
> B.

+0.
I support minimal ini entries for bootstrapping. Personally when
admining stuff I used svn; storing in couch makes that a script
instead of a text file.  It's already easy for people to lose DB
access by fiddling with rewrite rules; we need to ensure its
reversable and intuitive in case of self-inflicted muppet moments. I'm
not convinced the coolness of having everything in a _config.couch
outweighs the convenience of vi on .ini.

A+
Dave

> On 17 August 2011 12:29, Noah Slater <nslater@apache.org> wrote:
>>
>> On 16 Aug 2011, at 23:07, Robert Newson wrote:
>>
>>> nice idea to have a separate htpasswd (-like) file. Passwords are
>>> special, let's treat them accordingly.
>>
>> Just to clarify.
>>
>> The proposal you're commenting on only suggest a separate password script that generates
hashes which are then put into the regular ini files.
>

Mime
View raw message