couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject Re: Common security pattern?
Date Sun, 03 Jan 2010 19:40:32 GMT
On Sun, Jan 3, 2010 at 11:21 AM, Karel Minařík <karel.minarik@gmail.com> wrote:
> Hi,
>
>> Everything except the throttling of deletes for a given user should be
>> easy to do natively with CouchDB.
>
> how about anyone accessing other databases, documents? Ie., I want to expose
> one database, containing the app (blog, wiki, etc), but not allow anyone
> browse databases, use Futon, etc. As far as I know the only way how to
> accomplish that would be to put reverse-proxy between the public and couch.

I'd avoid thinking that hiding Futon provides security. Ideally users
would be able to get into the data via Futon if they choose. If you
structure your validation functions properly, this should be
completely secure (more secure than an http-proxy based authorization
model).

OTOH, if you want to make some databases private (read-control),
CouchDB does not have a provision for that. Using an HTTP proxy layer
is great for this usage. And if you do it right, it has the advantage
that Futon should work fine for databases the user has permission to
read.

We are planning per-database reader ACLs, hopefully in time for 0.11,
depending on how complex the patch is.

Chris

>
> Karel
>



-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message