You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Lucas Toulouse <lu...@cozycloud.cc> on 2012/11/16 12:21:25 UTC
Separation between User and DB. (Config 1.2.0)
Hello,
I'm a Lucas, I have few questions on the configuration of Couchdb Users.
I try to create a Couch with an user = a DB
And configure user rights according to that. (ie An user can only write and
read his own Db)
(it's for backup purpose, i have user who have a couchdb in default
config, and they push a ponctual (not continuons, every 24H) replication on
a single backup couchdb)
I success to installing, configure my couchDb Admin_server, configure an
user
But
* The item roles : [ ] Why is the possible config? It's just a label or
it's do anything?
* How to protect database to be read by other user that doesn't own the
DB in my architecture.
* It is possible to 'hide' the db name ?
* In my case, is it more useful to have a DBuser or a DBadmin ?
Thank's a lot for reading me (and take few time to answer me)
Lucas T.
Re: Separation between User and DB. (Config 1.2.0)
Posted by svilen <az...@svilendobrev.com>.
yes, dbs are created (dont know about deleted) by admin only.
once u assign user to be member of a database, he can
read/write/replicate.
"members" is new name for "readers" from some version onwards, but
"readers" is kept for compatibility.
ciao
svil
www.svilendobrev.com
On Fri, 16 Nov 2012 14:01:44 +0100
Lucas Toulouse <lu...@cozycloud.cc> wrote:
> When you spoke about readers / members , I am lost. Any docs about
> that?? I didn't really find by myself.
>
> Readers was an old name for Members ? And it tells writing and reading
> rights ?
> If it's right,
> Can I create a DB with the admin account?
> Assign the member user1 ?
> Then replicate in this DB using user1 account?
>
>
> About possible BackDoor -> I think I read on the wiki that a user
> can't modify him roles (it's even a good thing)
>
> Bye
> Lucas
>
> 2012/11/16 svilen <az...@svilendobrev.com>
>
> > i have similar scenario (i have user-only databases, as well as
> > shared ones).
> >
> > i use readers/members and ignore roles - they are possible backdoor
> > - anyone can assign hirsef a role, as long as s/he knows its name.
> >
> > once a database has readers/members, noone but those (and the
> > admins) can access it. (readers means writing too, hence the new
> > name "members")
> >
> > well, u should have at least one admin defined in the couch config.
> >
> > i dont know if getting database names can be disabled to
> > non-admins..
> >
> > ciao
> > svilen
> >
> > On Fri, 16 Nov 2012 12:21:25 +0100
> > Lucas Toulouse <lu...@cozycloud.cc> wrote:
> >
> > > Hello,
> > > I'm a Lucas, I have few questions on the configuration of Couchdb
> > > Users.
> > >
> > > I try to create a Couch with an user = a DB
> > > And configure user rights according to that. (ie An user can only
> > > write and read his own Db)
> > >
> > > (it's for backup purpose, i have user who have a couchdb in
> > > default config, and they push a ponctual (not continuons, every
> > > 24H) replication on a single backup couchdb)
> > >
> > > I success to installing, configure my couchDb Admin_server,
> > > configure an user
> > >
> > > But
> > > * The item roles : [ ] Why is the possible config? It's just a
> > > label or it's do anything?
> > > * How to protect database to be read by other user that doesn't
> > > own the DB in my architecture.
> > > * It is possible to 'hide' the db name ?
> > > * In my case, is it more useful to have a DBuser or a DBadmin ?
> > >
> > > Thank's a lot for reading me (and take few time to answer me)
> > >
> > > Lucas T.
> >
Re: Separation between User and DB. (Config 1.2.0)
Posted by Lucas Toulouse <lu...@cozycloud.cc>.
When you spoke about readers / members , I am lost. Any docs about that??
I didn't really find by myself.
Readers was an old name for Members ? And it tells writing and reading
rights ?
If it's right,
Can I create a DB with the admin account?
Assign the member user1 ?
Then replicate in this DB using user1 account?
About possible BackDoor -> I think I read on the wiki that a user can't
modify him roles (it's even a good thing)
Bye
Lucas
2012/11/16 svilen <az...@svilendobrev.com>
> i have similar scenario (i have user-only databases, as well as
> shared ones).
>
> i use readers/members and ignore roles - they are possible backdoor -
> anyone can assign hirsef a role, as long as s/he knows its name.
>
> once a database has readers/members, noone but those (and the
> admins) can access it. (readers means writing too, hence the new name
> "members")
>
> well, u should have at least one admin defined in the couch config.
>
> i dont know if getting database names can be disabled to non-admins..
>
> ciao
> svilen
>
> On Fri, 16 Nov 2012 12:21:25 +0100
> Lucas Toulouse <lu...@cozycloud.cc> wrote:
>
> > Hello,
> > I'm a Lucas, I have few questions on the configuration of Couchdb
> > Users.
> >
> > I try to create a Couch with an user = a DB
> > And configure user rights according to that. (ie An user can only
> > write and read his own Db)
> >
> > (it's for backup purpose, i have user who have a couchdb in default
> > config, and they push a ponctual (not continuons, every 24H)
> > replication on a single backup couchdb)
> >
> > I success to installing, configure my couchDb Admin_server, configure
> > an user
> >
> > But
> > * The item roles : [ ] Why is the possible config? It's just a
> > label or it's do anything?
> > * How to protect database to be read by other user that doesn't
> > own the DB in my architecture.
> > * It is possible to 'hide' the db name ?
> > * In my case, is it more useful to have a DBuser or a DBadmin ?
> >
> > Thank's a lot for reading me (and take few time to answer me)
> >
> > Lucas T.
>
Re: Separation between User and DB. (Config 1.2.0)
Posted by svilen <az...@svilendobrev.com>.
i have similar scenario (i have user-only databases, as well as
shared ones).
i use readers/members and ignore roles - they are possible backdoor -
anyone can assign hirsef a role, as long as s/he knows its name.
once a database has readers/members, noone but those (and the
admins) can access it. (readers means writing too, hence the new name
"members")
well, u should have at least one admin defined in the couch config.
i dont know if getting database names can be disabled to non-admins..
ciao
svilen
On Fri, 16 Nov 2012 12:21:25 +0100
Lucas Toulouse <lu...@cozycloud.cc> wrote:
> Hello,
> I'm a Lucas, I have few questions on the configuration of Couchdb
> Users.
>
> I try to create a Couch with an user = a DB
> And configure user rights according to that. (ie An user can only
> write and read his own Db)
>
> (it's for backup purpose, i have user who have a couchdb in default
> config, and they push a ponctual (not continuons, every 24H)
> replication on a single backup couchdb)
>
> I success to installing, configure my couchDb Admin_server, configure
> an user
>
> But
> * The item roles : [ ] Why is the possible config? It's just a
> label or it's do anything?
> * How to protect database to be read by other user that doesn't
> own the DB in my architecture.
> * It is possible to 'hide' the db name ?
> * In my case, is it more useful to have a DBuser or a DBadmin ?
>
> Thank's a lot for reading me (and take few time to answer me)
>
> Lucas T.
Re: Separation between User and DB. (Config 1.2.0)
Posted by Dave Cottlehuber <dc...@jsonified.com>.
On 16 November 2012 16:35, svilen <az...@svilendobrev.com> wrote:
> quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
> '''
> If you define any database readers on a database anonymous reads are
> disabled, but anonymous writes (of regular documents, not design
> documents) are still enabled.
> '''
> is this really the case? i cannot write anonymously to my
> user-owned databases. i have server admin but no validation docs.
> (couchdb 1.2)
Svilen, you are correct -- looks like an error in the blog post.
Lucas, there's a bit more here
http://guide.couchdb.org/draft/security.html but the gist of it is
that there are groups (roles) defined in the _user db entries, and
these + the user names can be applied to a given DB in the admin or
members section. IIRC in 1.2.0 the name "readers" was swapped in for
"members" as being a member also gave write access, not just read.
Write access is typically controlled via validate_update_doc
functions.
A+
Dave
Re: Separation between User and DB. (Config 1.2.0)
Posted by svilen <az...@svilendobrev.com>.
quoting http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
'''
If you define any database readers on a database anonymous reads are
disabled, but anonymous writes (of regular documents, not design
documents) are still enabled.
'''
is this really the case? i cannot write anonymously to my
user-owned databases. i have server admin but no validation docs.
(couchdb 1.2)
ciao
svilen
On Fri, 16 Nov 2012 14:40:07 +0100 Dave Cottlehuber <dc...@jsonified.com>
wrote:
> On 16 November 2012 12:21, Lucas Toulouse
> <lu...@cozycloud.cc> wrote:
> > Hello,
> > I'm a Lucas, I have few questions on the configuration of Couchdb
> > Users.
> >
> > I try to create a Couch with an user = a DB
> > And configure user rights according to that. (ie An user can only
> > write and read his own Db)
>
> Hi Lucas,
>
> Welcome!
>
> CouchDB security is at the DB level, so you are on the right track.
>
> For each user:
> - create normal user account
> - create the DB
> - open the security object & add that user's name into the members
> name field
>
> Once you've created a server admin (i.e. not running in admin party
> mode)
>
> From terminal you'd have something like:
>
> COUCH=http://admin:passwd@localhost:5984
> # create the user
> curl -HContent-Type:application/json \
> -vXPUT $COUCH/_users/org.couchdb.user:me \
> --data-binary '{"_id": "org.couchdb.user:me","name": "me","roles":
> [],"type": "user","password": "pwd"}'
>
> # create the DB
> curl -vX PUT $COUCH/me
>
> # update the security object
> curl -vX PUT $COUCH/me/_security \
> -Hcontent-type:application/json \
> --data-binary
> '{"admins":{"names":[],"roles":[]},"members":{"names":["me"],"roles":[]}}'
>
> You may want to put a validation doc in place to control writes at a
> per-doc level as well.
>
> http://wiki.apache.org/couchdb/Security_Features_Overview and
> http://guide.couchdb.org/draft/security.html and
> http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
> are good references.
>
> A+
> Dave
Re: Separation between User and DB. (Config 1.2.0)
Posted by Dave Cottlehuber <dc...@jsonified.com>.
On 16 November 2012 12:21, Lucas Toulouse <lu...@cozycloud.cc> wrote:
> Hello,
> I'm a Lucas, I have few questions on the configuration of Couchdb Users.
>
> I try to create a Couch with an user = a DB
> And configure user rights according to that. (ie An user can only write and
> read his own Db)
Hi Lucas,
Welcome!
CouchDB security is at the DB level, so you are on the right track.
For each user:
- create normal user account
- create the DB
- open the security object & add that user's name into the members name field
Once you've created a server admin (i.e. not running in admin party mode)
>From terminal you'd have something like:
COUCH=http://admin:passwd@localhost:5984
# create the user
curl -HContent-Type:application/json \
-vXPUT $COUCH/_users/org.couchdb.user:me \
--data-binary '{"_id": "org.couchdb.user:me","name": "me","roles":
[],"type": "user","password": "pwd"}'
# create the DB
curl -vX PUT $COUCH/me
# update the security object
curl -vX PUT $COUCH/me/_security \
-Hcontent-type:application/json \
--data-binary
'{"admins":{"names":[],"roles":[]},"members":{"names":["me"],"roles":[]}}'
You may want to put a validation doc in place to control writes at a
per-doc level as well.
http://wiki.apache.org/couchdb/Security_Features_Overview and
http://guide.couchdb.org/draft/security.html and
http://blog.mattwoodward.com/2012/03/definitive-guide-to-couchdb.html
are good references.
A+
Dave