couchdb-marketing mailing list archives

From Andy Wenk <andyw...@apache.org>
Subject Re: For next NEWS - MongoDB security
Date Thu, 12 Feb 2015 08:51:48 GMT
Alex,

this is the marketing list. It is applicable that if you do not configure
CouchDB correctly you have security issues. All I want to say here is the
fact that not only MongoDB has security leaks when not configured
correctly but also CouchDB (and MySQL, and PostgreSQL and ...). So it is
worth mentioning the findings by these students in the news by pointing to
their website or paper.

You are welcome to write an article or blog post about how to secure
CouchDB and which mechanisms are offered. Maybe also in comparison with
MongoDB. Would be extremely cool to then point to the article.

Cheers

Andy

On 12 February 2015 at 09:31, Alexander Shorin <kxepal@gmail.com> wrote:

> On Thu, Feb 12, 2015 at 11:09 AM, Andy Wenk <andywenk@apache.org> wrote:
> > The name MongoDB is interchangeable with CouchDB because:
> >
> > "The respective users of MongoDB are responsible for configuring their
> > databases in a secure manner."
> >
> > Again, change MongoDB with CouchDB.
>
> I don't think this is applicable.
>
> 1) CouchDB by default doesn't listen on 0.0.0.0, just localhost;
> 2) It's ok for CouchDB to be open to the world (without Admin Party);
> 3) Users are always responsible for the security of their services and
> correct setup;
> 4) It's always possible to make your setup vulnerable due to
> misconfiguration
>
> You may also remember the epic story about served .git and .svn
> directories on major web sites a long time ago. Because their deployment
> was based on VCS and HTTP wasn't configured to exclude these files
> from serving, this doesn't mean that Git or SVN or Apache HTTPd are in
> the risk zone.
>
> Since 2.0 we disallow joining nodes into a cluster with Admin Party on
> board. As for single node, there was an idea to prevent setting
> bind_address to something different from localhost when Admin Party is
> on. While this is worth implementing anyway, there is nothing stopping
> users from just setting up a reverse proxy in front of such a CouchDB and
> providing world-wide access with server admin bits for everyone on the Internet.
>
> But we could encourage users to keep their CouchDB secure by
> providing a server audit feature out of the box which reads the config file
> and database security objects and prints out a report with the _possible_
> security issues. Currently, there are a few such implementations made
> as third-party projects which almost no one actually uses every day (I
> just think so).
>
> --
> ,,,^..^,,,
>



-- 
Andy Wenk
Hamburg - Germany
RockIt!

GPG fingerprint: C044 8322 9E12 1483 4FEC 9452 B65D 6BE3 9ED3 9588

 https://people.apache.org/keys/committer/andywenk.asc
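The "server audit feature" sketched in Alexander's quoted reply (read the config file and the database security objects, print a report of possible issues) as an added example written for this page; it is not code from the CouchDB project or from either poster. It assumes the real CouchDB ini layout (`bind_address` under `[httpd]` on 1.x or `[chttpd]` on 2.x, an empty `[admins]` section meaning Admin Party) and the real `_security` document shape (`admins` and `members`, each with `names` and `roles`); the sample ini files, the `_security` objects and the `-pbkdf2-PLACEHOLDER_...` admin hash are constructed, and the severity labels are this example's own choice.

```python
import configparser
import json

# Constructed sample of a CouchDB-style local.ini (not from any real deployment):
# the node listens on all interfaces and [admins] is empty, i.e. Admin Party.
SAMPLE_INI = """\
[httpd]
bind_address = 0.0.0.0
port = 5984

[admins]
"""

# Constructed hardened counterpart; the admin entry is a placeholder, not a
# real CouchDB -pbkdf2- hash.
HARDENED_INI = """\
[chttpd]
bind_address = 127.0.0.1
port = 5984

[admins]
admin = -pbkdf2-PLACEHOLDER_HASH,PLACEHOLDER_SALT,10
"""

# Constructed _security objects: the first has no restrictions at all, the
# second names a database admin and restricts members to a role.
OPEN_SECURITY = json.dumps({"admins": {"names": [], "roles": []},
                            "members": {"names": [], "roles": []}})
LOCKED_SECURITY = json.dumps({"admins": {"names": ["alice"], "roles": []},
                              "members": {"names": [], "roles": ["reader"]}})

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_config(ini_text):
    """Return a list of possible issues found in a CouchDB ini config."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    issues = []

    # Admin Party: [admins] missing or without entries, so every request
    # carries server-admin rights.
    admin_party = not cp.has_section("admins") or len(cp.options("admins")) == 0
    if admin_party:
        issues.append("admin party: no entries in [admins]; everyone is server admin")

    # bind_address lives in [httpd] on 1.x and [chttpd] on 2.x; check both.
    bind = None
    for section in ("chttpd", "httpd"):
        if cp.has_option(section, "bind_address"):
            bind = cp.get(section, "bind_address").strip()
            break
    if bind is not None and bind not in LOOPBACK:
        # Exposure beyond localhost is only critical when combined with Admin Party.
        severity = "critical" if admin_party else "warning"
        issues.append(f"{severity}: bind_address={bind} exposes the node beyond localhost")
    return issues


def audit_security_object(security_json):
    """Return a list of possible issues found in a database _security object."""
    sec = json.loads(security_json)
    issues = []
    members = sec.get("members", {})
    if not members.get("names") and not members.get("roles"):
        issues.append("members empty: any user, anonymous included, can read and "
                      "write the database (subject only to validation functions)")
    admins = sec.get("admins", {})
    if not admins.get("names") and not admins.get("roles"):
        issues.append("admins empty: only server admins can edit design documents "
                      "(informational)")
    return issues


def audit(ini_text, security_objects):
    """Combine both checks into one report keyed by source: 'config' for the
    ini file, then one entry per database name in security_objects."""
    report = {"config": audit_config(ini_text)}
    for db_name, sec_json in security_objects.items():
        report[db_name] = audit_security_object(sec_json)
    return report


if __name__ == "__main__":
    for source, found in audit(SAMPLE_INI, {"users_db": OPEN_SECURITY}).items():
        for line in found or ["no issues found"]:
            print(f"{source}: {line}")
```

Run against the constructed inputs, the open config reports both the Admin Party finding and a critical bind_address finding, while the hardened config and the locked `_security` object report nothing; in a real deployment the ini text would come from the node's local.ini and each `_security` object from `GET /{db}/_security`.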
