incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zachary Zolton <zachary.zol...@gmail.com>
Subject Visibility of target passwords in _replicator database
Date Wed, 10 Aug 2011 15:01:16 GMT
Hi,

I'm currently updating systems to use CouchDB 1.1, and I'm changing my
cron replication scripts into docs in the _replicator database. Now,
I've noticed that the specified username/password for the target
database (on a remote server) remain in cleartext in the replication
doc, as opposed to old active tasks which would just show ****** for
the password.

In response, I've set readers for the security object of the
_replicator database, though any user account that can read that
database can still read the username/passwords.

Is there a better way to specify the target database credentials?


Cheers,

Zach

Mime
View raw message