couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Keen (JIRA)" <>
Subject [jira] [Commented] (COUCHDB-2390) Fauxton config, admin sections considered dangerous in 2.0
Date Mon, 24 Nov 2014 22:58:13 GMT


Ben Keen commented on COUCHDB-2390:

My previous idea didn't meet with much approval (fine fine, it *was* a hack) and I'm rather
out of ideas.

To sum up, without backend support, all we can really do is add a message to the page saying
"This applies to the current node only" on the Config + Create Admin pages - with maybe some
additional explanatory blurb. The message would only ever appear for 2.x, not 1.x.

All considered, I think that would be better than removing the functionality altogether.

> Fauxton config, admin sections considered dangerous in 2.0
> ----------------------------------------------------------
>                 Key: COUCHDB-2390
>                 URL:
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: BigCouch, Fauxton
>            Reporter: Joan Touzet
>            Priority: Blocker
> In Fauxton today, there is are 2 sections to edit config-file settings and to create
new admins. Neither of these sections will work as intended in a clustered setup.
> Any Fauxton session will necessarily be speaking to a single machine. The config APIs
and admin user info as exposed will only add that information to a single node's .ini file.
> We should hide these features in Fauxton for now (short-term fix) and correct the config
/admin creation APIs to work correctly in a clustered setup (medium-term fix).

This message was sent by Atlassian JIRA

View raw message