You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "Alexander Shorin (JIRA)" <ji...@apache.org> on 2015/02/23 21:56:12 UTC

[jira] [Created] (COUCHDB-2621) Hide _metadata database from the world by default

Alexander Shorin created COUCHDB-2621:
-----------------------------------------

             Summary: Hide _metadata database from the world by default
                 Key: COUCHDB-2621
                 URL: https://issues.apache.org/jira/browse/COUCHDB-2621
             Project: CouchDB
          Issue Type: Improvement
      Security Level: public (Regular issues)
          Components: Database Core
            Reporter: Alexander Shorin


After IRC conversation with [~janl] and [~chewbranca] we decided to hide _metadata database from the world by blocking all the access to it via HTTP API.  The motivation is the following:
- it lacks of validation logic, but adding such may hurt overall performance a more;
- it creates a confusion about database security management: should users use /db/_security endpoint of /_metadata/db@security one?
- technically, it allows to replicate databases metadata across the cluster, but this use case is a dark room of black cats;
- there is something about quorum thing, but I didn't get that completely (:

The proposal is to add chttpd handler which returns a HTTP error (403 Forbidden?) on /_metadata request and only allows to access to it from HTTP after setting couchdb/expose_metadata_database with value true in config file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)