Posted to dev@couchdb.apache.org by Paul Hammant <ha...@apache.org> on 2017/01/06 03:49:33 UTC

Admin Party

[Subj changed from 'CouchDB 2.0 blog series' to 'Admin Party']

I've just taken a look at
http://docs.couchdb.org/en/2.0.0/intro/security.html#the-admin-party

CouchDB still has Admin Party as a default mode of operation, it says. Or
if it does not, the 2.0 document still reflects the 1.6.x situation.

I've no idea how to do it myself, but it would be great if there were
documentation that decisively turned off AdminParty and set up full security
(self-signed cert, with a link to a secondary how-to) for installers.

This was needed before, but we had a reminder yesterday -
http://windowsitpro.com/security/mongodb-data-being-held-ransom (yes, I
know Mongo isn't Couch, but Couch could be next). Y'all also remember
http://www.securion.io/single-post/2016/06/23/Voter-Database-with-154-Million-Records-Leaked-Online,
I hope.

In the end, a series of Perl one-liners (at least) to turn off Admin Party,
and make a CouchDB fully secure, are sufficient advice for an installer to
perform. That is, if changes are not going to be made in the direction of
'secure by default'.

Regards,

- Paul



On Wed, Jul 20, 2016 at 1:32 PM, Jan Lehnardt <ja...@apache.org> wrote:

> I’m not ready to call this secure by default. A newly created database is
> still world read/writable. We want to address this in future major
> releases, but  I wouldn’t boast about this just yet.
>
> Best
> Jan
> --
>
> > On 20 Jul 2016, at 18:50, Paul Hammant <pa...@hammant.org> wrote:
> >
> > In terms of topics for a CouchDB 2.x news cycle, there perhaps should be
> > one on "secure-by default" (no more admin party). That is a large feature
> > difference to v1.6.x.
> >
> > - Paul
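As an added illustration (not part of the original mail, and not CouchDB's own code), a small Python audit over a constructed local.ini and a constructed database _security document. It shows the three states the thread talks about: Admin Party (an empty [admins] section), a node with an admin configured and anonymous requests rejected, and a database whose members list is empty and is therefore world read/writable, which is the point Jan raises. The section and key names ([admins], [chttpd] bind_address, require_valid_user) are CouchDB's; the sample values, the -pbkdf2- placeholder hash and the function names are constructed for this example, and which of [chttpd] or [couch_httpd_auth] carries require_valid_user on a given release is an assumption the code sidesteps by checking both.

```python
"""Audit a CouchDB local.ini and _security documents for Admin Party and
world read/write conditions. Example code, not CouchDB's own tooling."""
import configparser
from typing import Dict, List

# Constructed sample: a fresh install, [admins] still empty, bound to all interfaces.
ADMIN_PARTY_INI = """\
[chttpd]
port = 5984
bind_address = 0.0.0.0
[admins]
; admin = mysecretpassword
"""

# Constructed sample: an admin exists (CouchDB rewrites the plaintext value as a
# -pbkdf2- hash on startup; the hash below is a placeholder), anonymous requests
# are rejected, and the node only listens on loopback.
HARDENED_INI = """\
[chttpd]
port = 5984
bind_address = 127.0.0.1
require_valid_user = true
[admins]
admin = -pbkdf2-PLACEHOLDER_HASH,PLACEHOLDER_SALT,10
"""

# Constructed _security documents: the first is what a newly created database
# gets (empty members => every user, anonymous included, can read and write).
WORLD_RW_SECURITY = {"admins": {"names": [], "roles": []},
                     "members": {"names": [], "roles": []}}
LOCKED_SECURITY = {"admins": {"names": [], "roles": ["app_admin"]},
                   "members": {"names": [], "roles": ["app_user"]}}


def load_ini(text: str) -> configparser.ConfigParser:
    # CouchDB ini files use ';' comments and '=' separators, which configparser
    # understands; interpolation is disabled so '%' in values is left alone.
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp


def admin_party(cp: configparser.ConfigParser) -> bool:
    """True when no admin account exists: every request then runs as server admin."""
    return not (cp.has_section("admins") and dict(cp.items("admins")))


def plaintext_admins(cp: configparser.ConfigParser) -> List[str]:
    """Admins whose password has not yet been replaced by a CouchDB hash prefix."""
    if not cp.has_section("admins"):
        return []
    return [name for name, pw in cp.items("admins")
            if not pw.startswith(("-pbkdf2-", "-hashed-"))]


def audit_ini(text: str) -> List[str]:
    """Return a list of findings for a local.ini; an empty list means no issue found."""
    cp = load_ini(text)
    findings: List[str] = []
    if admin_party(cp):
        findings.append("admin party: no [admins] entries, every caller is a server admin")
    for name in plaintext_admins(cp):
        findings.append(f"plaintext password for admin '{name}' (node has not hashed it yet)")
    bind = cp.get("chttpd", "bind_address", fallback="127.0.0.1")
    if bind in ("0.0.0.0", "::"):
        findings.append(f"bind_address={bind}: listening on all interfaces")
    # require_valid_user has lived under both section names across releases;
    # accept either so the audit does not depend on a specific version.
    rvu = (cp.getboolean("chttpd", "require_valid_user", fallback=False)
           or cp.getboolean("couch_httpd_auth", "require_valid_user", fallback=False))
    if not rvu:
        findings.append("require_valid_user is off: anonymous requests are accepted")
    return findings


def security_doc_findings(db: str, sec: Dict) -> List[str]:
    """Flag a database whose members list is empty: readable and writable by anyone."""
    members = sec.get("members", {})
    if not members.get("names") and not members.get("roles"):
        return [f"{db}: members empty, any user (anonymous included) can read and write documents"]
    return []


if __name__ == "__main__":
    for label, ini in (("fresh", ADMIN_PARTY_INI), ("hardened", HARDENED_INI)):
        print(label, audit_ini(ini) or ["ok"])
    print(security_doc_findings("mydb", WORLD_RW_SECURITY) or ["ok"])
    print(security_doc_findings("mydb", LOCKED_SECURITY) or ["ok"])
```

On a 2.x node the documented way out of Admin Party is to create an admin through the config API (a PUT of the password as a JSON string to /_node/<node-name>/_config/admins/<name>) or to add the entry under [admins] in local.ini and restart; either way the node stores the value as a -pbkdf2- hash rather than the plaintext. Per-database access is a separate step, a PUT of a _security document like LOCKED_SECURITY above to /<db>/_security, which is why turning off Admin Party alone does not close the world read/write gap Jan describes.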