[Couchdb Wiki] Update of "Security_Features_Overview" by jchrisa

[Apache Wiki <wi...@apache.org>]

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by jchrisa.
The comment on this change is: corrected misleading info about empty admins list on security document.
http://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=12&rev2=13

--------------------------------------------------

  
  Note that security objects are not regular versioned documents (that is, they are not under MVCC rules). This is a design choice to speedup authorization checks (avoids traversing a database's documents B-Tree).
  
- If both the names and roles fields of either the admins or readers properties are empty arrays, it means the database has no admins or readers. Having no admins, any user has all the privileges associated to a database. Having no readers, any user can write regular documents (any non-design document) and read documents from the database.
+ If both the names and roles fields of either the admins or readers properties are empty arrays, it means the database has no admins or readers. Having no admins, only server admins (with the reserved _admin role) are able to update design document and make other admin level changes. Having no readers, any user can write regular documents (any non-design document) and read documents from the database.
  
  '''Note:''' If there are any reader names or roles defined for a database, then only authenticated users having a matching name or role are allowed to read documents from the database (or do a GET /db_name/ call).