couchdb-marketing mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Shorin <kxe...@gmail.com>
Subject Re: For next NEWS - MongoDB security
Date Thu, 12 Feb 2015 08:31:23 GMT
On Thu, Feb 12, 2015 at 11:09 AM, Andy Wenk <andywenk@apache.org> wrote:
> The name MongoDB is interchangeable with CouchDB because:
>
> "The respective users of MongoDB are responsible for configuring their
> databases in a secure manner."
>
> Again, change MongoDB with CouchDB.

I don't think this is applicable.

1) CouchDB by default doesn't listens 0.0.0.0, just localhost;
2) It's ok for CouchDB to be open for the world (without Admin Party);
3) Users are always in response for security of their services and
correct setup;
4) It's always possible to make your setup vulnerable due to misconfiguration

You may also remember epic story about served .git and .svn
directories on major web sites long time ago. Because their deployment
was based on VCS and HTTP wasn't configures to exclude these files
from serving this doesn't means that Git or SVN or Apache HTTPd are in
risk zone.

Since 2.0 we disallow join nodes into cluster with Admin Party on
board. As for single node, there was an idea to prevent setting
bind_address to something different from localhost when Admin Party is
on. While this worths to implement in anyway, there is nothing stops
users to just setup reverse-proxy in front of such CouchDB and provide
world wide access with server admin bits for everyone on the Internet.

But we could encourage users to keep their CouchDB in secure by
providing server audit feature out of the box which reads config file,
database security objects and prints out report with the _possible_
security issues. Currently, there are few of such implementations made
as third-party projects which almost none uses in real for everyday (I
just think so).

--
,,,^..^,,,

Mime
View raw message