couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filipe Manana (Closed) (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (COUCHDB-1314) Couchdb _replicator documents should not show passwords in clear text
Date Fri, 06 Jan 2012 14:33:39 GMT

     [ https://issues.apache.org/jira/browse/COUCHDB-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Filipe Manana closed COUCHDB-1314.
----------------------------------

       Resolution: Fixed
    Fix Version/s: 1.2

This issue is fixed by the recently committed security changes.
Consult the following wiki pages:

http://wiki.apache.org/couchdb/Security_Features_Overview
http://wiki.apache.org/couchdb/Breaking_changes
                
> Couchdb _replicator documents should not show passwords in clear text
> ---------------------------------------------------------------------
>
>                 Key: COUCHDB-1314
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1314
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Replication
>    Affects Versions: 1.1
>            Reporter: Dario Freire
>            Priority: Critical
>              Labels: replication, replicator, security
>             Fix For: 1.2
>
>
> The documents stored in the _replicator database show passwords in clear text.
> Imagine a scenario where a developer provides a couchdb app that runs in a central location
and must synchronize with user's local couchdb instances.
> The users would need to pull updates to their database by adding a document to _replicator:
> {
>     "_id": "great-app",
>     "source":  "http://great-app-provider.com:5984/great-app",
>     "target":  "my-great-app",
>     "create_target":  true
> }
> Now if the developer doesn't want his central couchdb instance to be public, he needs
to protect it by creating an admin party.
> The problem is that he cannot longer share his database for replication because doing
so would reveal the admin credentials to the app users.
> i.e. in order for the synchronization to work the users would need to update their _replicator
documents to:
> {
>     "_id": "great-app",
>     "source":  "http://admin:password@great-app-provider.com:5984/great-app",
>     "target":  "my-great-app",
>     "create_target":  true
> }
> All in plain text.
> Thus, the users would know how to access the restricted central couchdb instance.
> This is just a possible scenario where showing credentials in plain text is a problem,
but by no means is the only scenario where it is a problem.
> Since one of the "selling points" of couchdb is its outstanding ability to synchronize
databases, the security concerns caused by this issue make it impossible to use in practice.

> Because of this, it looks like an improvement on this matter is of critical importance.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message