incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: Visibility of target passwords in _replicator database
Date Wed, 10 Aug 2011 17:57:26 GMT
The trouble is that the replicator, on restart, needs to read that
password. You can add a _security doc to the _replicator database,
though.

B.

On 10 August 2011 16:01, Zachary Zolton <zachary.zolton@gmail.com> wrote:
> Hi,
>
> I'm currently updating systems to use CouchDB 1.1, and I'm changing my
> cron replication scripts into docs in the _replicator database. Now,
> I've noticed that the specified username/password for the target
> database (on a remote server) remain in cleartext in the replication
> doc, as opposed to old active tasks which would just show ****** for
> the password.
>
> In response, I've set readers for the security object of the
> _replicator database, though any user account that can read that
> database can still read the username/passwords.
>
> Is there a better way to specify the target database credentials?
>
>
> Cheers,
>
> Zach
>

Mime
View raw message