couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Morin <...@cfcl.com>
Subject "safe" access to CouchDB?
Date Tue, 03 Feb 2009 07:49:19 GMT
I'm interested in finding out how to provide "safe" access to
CouchDB from untrusted (and possibly malicious) code.  What
can I do to allow queries, but make sure that no destructive
activities (including major denials of service) are allowed?


I have a Rack application that will filter all requests from
the untrusted code.  It can recognize and deny some kinds of
requests (eg, PUT, DELETE) pretty trivially.  It can also put
a tag on any requests it allows, flagging them as untrusted.

With a bit more effort, it should be possible to authenticate
the untrusted request as coming from a particular user.  This
might allow CouchDB's security framework to come into action.


Obviously, I'm still groping about for ideas here.  Any clues
or other helpful comments would be greatly appreciated.

-r
-- 
http://www.cfcl.com/rdm            Rich Morin
http://www.cfcl.com/rdm/resume     rdm@cfcl.com
http://www.cfcl.com/rdm/weblog     +1 650-873-7841

Technical editing and writing, programming, and web development

Mime
View raw message