incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen ...@svilendobrev.com>
Subject Re: Separation between User and DB. (Config 1.2.0)
Date Fri, 16 Nov 2012 12:25:10 GMT
i have similar scenario (i have user-only databases, as well as
shared ones).

i use readers/members and ignore roles - they are possible backdoor -
anyone can assign hirsef a role, as long as s/he knows its name.

once a database has readers/members, noone but those (and the
admins) can access it. (readers means writing too, hence the new name
"members")

well, u should have at least one admin defined in the couch config.

i dont know if getting database names can be disabled to non-admins..

ciao
svilen

 On Fri, 16 Nov 2012 12:21:25 +0100
Lucas Toulouse <lucas.toulouse@cozycloud.cc> wrote:

> Hello,
> I'm a Lucas, I have few questions on the configuration of Couchdb
> Users.
> 
> I try to create a Couch with an user = a DB
> And configure user rights according to that. (ie An user can only
> write and read his own Db)
> 
> (it's for backup purpose, i have  user who have a couchdb in default
> config, and they push a ponctual (not continuons, every 24H)
> replication on a single backup couchdb)
> 
> I success to installing, configure my couchDb Admin_server, configure
> an user
> 
> But
>   *  The item roles : [ ] Why is the possible config? It's just a
> label or it's do anything?
>   *  How to protect database to be read by other user that doesn't
> own the DB in my architecture.
>   *  It is possible to 'hide' the db name  ?
>   *  In my case, is it more useful to have a DBuser or a DBadmin ?
> 
> Thank's a lot for reading me (and take few time to answer me)
> 
> Lucas T.

Mime
View raw message