couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Smith (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1656) Anonymous Users and Non-Admins Can Read the Security Object
Date Mon, 28 Jan 2013 09:15:12 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13564133#comment-13564133
] 

Jason Smith commented on COUCHDB-1656:
--------------------------------------

The _security object is similar to a normal document inside the database. (There has even
been discussion about moving security to a local document, _local/_security so it could have
some MVCC features).

So I think in general, if a user can read the database, or documents inside it, then they
can read the _security object too.

In other words, the primary secret of the CouchDB security model is users' passwords. Learning
the _security object (or the contents of validate_doc_update functions) should not alter the
secrecy or privacy of the data.
                
> Anonymous Users and Non-Admins Can Read the Security Object
> -----------------------------------------------------------
>
>                 Key: COUCHDB-1656
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1656
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Database Core
>            Reporter: Klaus Trainer
>         Attachments: 0001-Don-t-give-non-admins-read-access-to-db-_security.patch
>
>
> It is possible that anonymous users are able to read a DB's security object if the security
object's `members` array is empty or missing. Also, it is generally possible for authenticated
members (non-admin users) to read  the security object.
> Only admin users should be allowed to read the security object.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message