couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Capestany (JIRA)" <>
Subject [jira] [Created] (COUCHDB-1588) Only respond to _all_dbs request from server admin
Date Fri, 02 Nov 2012 19:21:13 GMT
Paul Capestany created COUCHDB-1588:

             Summary: Only respond to _all_dbs request from server admin
                 Key: COUCHDB-1588
             Project: CouchDB
          Issue Type: Improvement
    Affects Versions: 1.2
            Reporter: Paul Capestany
            Priority: Minor

When spinning up a DB per user (or multiple DBs per user), it could be a matter of privacy
what the DBs are named by any registered user simply doing a _all_dbs request. Similarly,
for a successful app, competitors could use _all_dbs to get potentially very important info
about how many users you have, growth rate, etc.

So, instead of trying to deal with this _all_dbs request issue via "_all_dbs should list only
the DBs accessible to the user" (, why not
just limit the response to only server admins?

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message