couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Grman <>
Subject Re: Allow user-defined views
Date Fri, 28 Nov 2014 01:23:56 GMT
Hi Alex,

Yes, the users would be able to import different sets of data, which isn't
relational, and use the platform to analyse it. The analysed data would be
in 99% of the cases append only (+ removing old data) and the data can be
defined by the user, as well as be hierarchical.

When I thought about the system in the beginning, CouchDB seemed like an
awesome choice as there would be only a couple of well defined queries and
storage is generally cheap, I thought that CouchDB views and their caching
are what I'm looking for.

The problem is again only with people who want to trick the system. I would
be also happy with a solution which would detect bad views ones they have
been deployed (uses too much space, takes too long to compute) and
deactivates and marks them for me to check. This way I could check those
few people who try a DoS attack and ban them from the service.

The additional main problem was, if it is really impossible to get data
from a different database inside the view and if the user won't be able to
access the underlying system, ..., or if it is just very difficult =>
possible, if someone wants to do it they'll find a way. But after reading
more and understanding more, how the views are executed using  evalcx I
think the other problems aren't a big concern for me anymore, is that

Although I've found in the code "if possible, use evalcx (not always
available)" - how can I check that evalcx is available on my system? Or is
it just a note for older distributions, nothing to be concerned about

Thank you


On Fri Nov 28 2014 at 1:37:57 AM Alexander Gabriel <> wrote:

> Hi Peter
> Will the users create their own datastructures too?
> If not this sounds like sql on relational tables might be a better tool for
> the problem.
> It seems to me you're hitting exactly the weak point of most nosql
> solutions.
> Alex
> 2014-11-28 0:49 GMT+01:00 Peter Grman <>:
> > Hi,
> >
> > this might sound like a terrible idea to someone who knows CouchDB, and
> if
> > that's the case, please just take a minute or two, to explain why,
> > otherwise, if the idea isn't so crazy after all, I hope I'll get some
> > solutions to my problem:
> >
> > I'm thinking of creating a platform based on CouchDB, where each set of
> > users (group, customer, ...) would get their own CouchDB Database, to
> store
> > and query data. I've heard in a podcast, roughly a year ago, that this is
> > how CouchDB was meant to be - many smaller databases.
> >
> > To query the data, I want to allow them, to define their own custom
> > queries. Now I could (and want to) create a form which allows to build a
> > query and translates it to a JS view, but I was thinking about
> > additionally, on top of that, allowing them to define their custom views
> > directly in JS. They would basically be allowed to define their custom
> > Map/Reduce functions.
> >
> > There is a lot which can go wrong with this the worst ones I came up
> with:
> > - DoS attack with endless loops inside the function
> > - DoS attack by emitting too much data (potentially in a loop again)
> >
> > As far as I've understood, it's not possible to access other Databases
> from
> > within the view, is this understanding of mine correct?
> >
> > Is it possible to access the filesystem or network services in any way
> from
> > the CouchDB view or is the JavaScript engine, which is running the code,
> > limiting enough?
> >
> > Are there any other things which could go wrong? - or did actually
> somebody
> > already use CouchDB like this, and it's perfectly normal?
> >
> > Is there any way I could prevent the problem with endless loops and data
> > emitting from happening? - I can run JSLint, which maybe will detect an
> > endless loop, but that won't help against a loop with a million
> iterations,
> > which will be called for every item inside CouchDB - still quite endless.
> >
> > Thank you for your help!
> >
> > Cheers,
> > Peter
> >

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message