From: "Matthew King"
To: couchdb-user@incubator.apache.org
Date: Tue, 7 Oct 2008 18:54:44 -0500
Subject: Re: Security via probability

Block requests to the all docs query, and you have the beginnings of a
capability system.

On Tue, Oct 7, 2008 at 6:42 PM, Jeremy Wall wrote:
> This assumes that the user has to guess. If the user gets the docid
> via some other means, say by the all docs query built in to couchdb
> then he doesn't have to guess.
>
> On 10/7/08, Paul Carey wrote:
>> My webapp PUTs data to a url like /controller/couchdb_db_doc_id. The
>> associated action currently performs no security checks. Specifically,
>> it doesn't ensure that the user making the PUT request and modifying
>> the data actually owns the associated document.
>>
>> Given a uuid as a doc id, the chances of guessing a doc id are very
>> low indeed; successfully guessing a typical user's password would be
>> much easier. In order for an attack to be successful the attacker
>> would have to first guess a document id - extremely unlikely. This
>> leads me to believe that I don't *need* to perform any security checks
>> when modifying a document as described above. Any thoughts to the
>> contrary?
>>
>> Cheers
>>
>> Paul
>>
>
> --
> Sent from my mobile device
>
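An added example, not code from this thread or from CouchDB: a constructed in-memory store showing why the listing objection matters for the unchecked PUT, beside the same action with an ownership check. `DocStore`, `put_unchecked`, `put_checked` and the user names are hypothetical.

```python
import uuid

class DocStore:
    """Constructed in-memory stand-in for a database; not CouchDB's API."""
    def __init__(self):
        self._docs = {}  # doc_id -> {"owner": str, "body": str}

    def create(self, owner, body):
        doc_id = uuid.uuid4().hex  # 122 random bits, infeasible to guess
        self._docs[doc_id] = {"owner": owner, "body": body}
        return doc_id

    def all_docs(self):
        # Stands in for the all docs query: every id, no guessing needed.
        return sorted(self._docs)

    def get(self, doc_id):
        return self._docs.get(doc_id)

def put_unchecked(store, doc_id, body):
    """The action as described: knowing the doc id is the only gate."""
    doc = store.get(doc_id)
    if doc is None:
        return 404
    doc["body"] = body
    return 200

def put_checked(store, user, doc_id, body):
    """Same action plus an ownership check; the id need not stay secret."""
    doc = store.get(doc_id)
    if doc is None:
        return 404
    if doc["owner"] != user:
        return 403
    doc["body"] = body
    return 200

def demo():
    store = DocStore()
    alice_doc = store.create("alice", "alice's data")
    bob_doc = store.create("bob", "bob's data")
    # Bob guesses nothing: he reads the other id from the listing.
    leaked = next(d for d in store.all_docs() if d != bob_doc)
    unchecked = put_unchecked(store, leaked, "overwritten by bob")
    body_after = store.get(alice_doc)["body"]
    checked = put_checked(store, "bob", leaked, "second attempt")
    return leaked == alice_doc, unchecked, body_after, checked
```

With the listing blocked, the unguessable id acts as the capability Matthew King describes; with the ownership check, the write is refused even when the id is known.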