On Tue, Aug 16, 2011 at 11:33, Jan Lehnardt <j...@apache.org> wrote: > > On Aug 16, 2011, at 8:31 PM, Noah Slater wrote: > > > > > On 16 Aug 2011, at 10:33, Benoit Chesneau wrote: > > > >> Imo we shouldn't at all provide plaintext passwords. Maybe a safer > >> option would be to let the admin create the first one via http or put > >> the hash in the a password.ini file manually. If we are enough kind we > >> could also provide a couchctl script allowing user management, config > >> changes ... ? > > > > This sounds like a decent proposal. Much like you have to use htpasswd to > generate passwords for Apache httpd, we could bundle a script that lets you > generate passwords for the CouchDB ini files, and then forbid the use of > plaintext. This solves both the technical problem (I think?) and helps us > re-enforce better security practices across the board. > > Agreed. > > Agreed also. We still have a question about load and save order. One idea would be to track the .ini file from whence an option came. If an option comes from a local.ini or local.d/ file it could be updated in place. If it comes from a default.ini or default.d/ file, updates should be placed in local.ini. This would make the most sense to me.
I would also be in favor of enforcing a load order that supports a directory structure like: local.d/ 010-stuff.ini 020-others.ini We don't need to ship anything like that by default. I think right now we take the load directories on the command line, no? It'd be nice if the order of resolution within those directories was well specified. -Randall
