couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Kocoloski <kocol...@apache.org>
Subject Re: CouchDB 3.0 Weekly Update
Date Wed, 09 Oct 2019 19:17:23 GMT
OK on the security tightening I found this email from Joan:

https://lists.apache.org/thread.html/9c3dacde83d698c262afec5eca524783c71dbeceee26aa66a77538ee@%3Cdev.couchdb.apache.org%3E
<https://lists.apache.org/thread.html/9c3dacde83d698c262afec5eca524783c71dbeceee26aa66a77538ee@%3Cdev.couchdb.apache.org%3E>

Reproduced here. I’ll add this context to the ticket, but seems like there’s a decent
amount of design work left to do here.

Adam

> I remembered one last deprecation we wanted in 3.0: security tightening, 
> which included the deprecation of admin party.
> 
> Jan can you find the ticket on this? I don't think it's the full #1504. 
> Just new defaults, and we'll need to think thru what happens when 
> starting up a node that has no [admins]. Do we create one and log its 
> password to the logfile? What if logging is disabled / goes nowhere? Or 
> do we simply refuse to start until an admin is created? What about 
> crypting and salting the password ahead of time - do we introduce a 
> small cli tool to generate passwords like apache/httpd does? Many questions.
> 
> -Joan

> On Oct 9, 2019, at 2:32 PM, Adam Kocoloski <kocolosk@apache.org> wrote:
> 
> I tidied up the “3.0 Release Tasks” column and closed out a few issue that didn’t
get auto-closed through PRs. We’re down to 8 cards in that column at the moment.
> 
> One issue is the rebar3 / mix migration: https://github.com/apache/couchdb/issues/1428.
I’m not convinced that needs to land for 3.0. I expect most people use our binary packages
and/or container-based installation methods rather than building from source themselves. It
also feels like there’s a fair amount of open-ended experimentation that might take place
in order to build consensus on the direction there. I’d like to move that back into the
backlog; does anyone disagree?
> 
> We also have an issue that says we want to “tighten up the security model”: https://github.com/apache/couchdb/issues/2191.
I don’t know quite what the intended scope is for that. Does anyone have specifics there?
> 
> Adam
> 
>> On Oct 2, 2019, at 10:25 AM, Denitsa Burroughs <denitsa.burroughs@gmail.com>
wrote:
>> 
>> Hi all,
>> 
>> Here's a weekly update on CouchDB 3.0. Still looking for volunteers to work
>> on the available issues and/or doc items. Please take a look and let me
>> know if you can work in any of thise.
>> 
>> *In progress (Owners, please provide an update):*
>> 
>> #1524  <https://github.com/apache/couchdb/issues/1524> Per-document access
>> control- Jan
>> #1875 <https://github.com/apache/couchdb/issues/1875> Update SpiderMonkey
>> Version - Peng Hui
>> #2165 <https://github.com/apache/couchdb/issues/2165> - Remove
>> delayed_commits setting - Nick (docs left)
>> 
>> *Available: *
>> #2177 <https://github.com/apache/couchdb/issues/2177> Update Fauxton
>> dependency
>> #2169 <https://github.com/apache/couchdb/issues/2169> Remove support for
>> ?stale query parameter in favor of `stable` and `update_after` combo
>> #2167 <https://github.com/apache/couchdb/issues/2167> Remove vestiges of
>> view-based `_changes` feed
>> #2166 <https://github.com/apache/couchdb/issues/2166> - Remove
>> `/{db}/_external/*`
>> #2115 <https://github.com/apache/couchdb/issues/2115> Update default config
>> settings (Q, max_document_size, etc.)
>> #1428 <https://github.com/apache/couchdb/issues/1428>  Migrate to rebar3 or
>> mix
>> #1470 <https://github.com/apache/couchdb/pull/1470> Fix calculation of
>> external size for attachments - Eric?
>> #1523 <https://github.com/apache/couchdb/issues/1523>  Retire the
>> node-local interface (port 5986)
>> 
>>  - WIP PR: https://github.com/apache/couchdb/pull/2092
>> 
>> 
>> *Discussion items (on ML):*
>> 2191 <https://github.com/apache/couchdb/issues/2191> Tightening up the
>> security model
>> IOQ discussion - Cluster setup does not create IOQ stats database
>> 
>> *Documentation improvements:*
>> - Proposed deprecations for 3.0, not rebuilt/removed in 4.0
>> - couch_btree developer docs - Chintan
>> 
>> Thanks!
>> 
>> Deni
> 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message