nickva commented on PR #4432:
URL: https://github.com/apache/couchdb/pull/4432#issuecomment-1440706610

   > Those local docs can still be fetched, updated, deleted, if you know the ids. Just scrubbing them from the /dbname/_local_docs response is a partial fix.
   
   Not really, it's a random chance if reading and writing those would work. They are below the cluster level so doc id hashing isn't guaranteed to land it on the right shard.
   
   
   ```
   % http put $DB/db'?q=8'
   % http post $DB/db/_bulk_docs docs:='[{}, {}, {}]'
   % http $DB/db/_local_docs
         ....
          {
               "id": "_local/shard-sync-lX9QKOM429Elg1zgQVjY2A-k77wY4rMfBIYkHRoBveQXA",
               "key": "_local/shard-sync-lX9QKOM429Elg1zgQVjY2A-k77wY4rMfBIYkHRoBveQXA",
               "value": {
                   "rev": "0-1"
               }
           }
        ...
   }
   
   
   % http $DB/db/_local/shard-sync-lX9QKOM429Elg1zgQVjY2A-k77wY4rMfBIYkHRoBveQXA
   {
       "error": "not_found",
       "reason": "missing"
   }
   
   ```
   
   > This reminded me that actually nothing stops a user with sufficient privilege from writing a doc of these two forms (not that it would be wise to do so).
   
   That's plausible; a user who can write to the db can randomly destroy or those checkpoints and mess up the mem3 replicator or view purges. I think we're just trying to hide the noise from users, not necessarily prevent them from manipulating these documents.


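Why the `GET` in the session above comes back `not_found`, as an added sketch (not code from CouchDB or from this comment). It assumes cluster-level requests are routed by a CRC32 of the doc id over `q` equal ranges of a 32-bit ring; all function names and the sample ids are constructed for illustration.

```python
import random
import zlib

RING = 2 ** 32  # assumed ring size: one slot per 32-bit CRC value

def shard_ranges(q):
    """Split the ring into q ranges, returned as inclusive (begin, end) pairs."""
    step = RING // q
    return [(i * step, RING - 1 if i == q - 1 else (i + 1) * step - 1)
            for i in range(q)]

def range_name(rng):
    """Format a range as zero-padded hex, e.g. 00000000-1fffffff."""
    return "%08x-%08x" % rng

def routed_range(doc_id, q):
    """Range a cluster-level request for doc_id is sent to (assumed CRC32 routing)."""
    h = zlib.crc32(doc_id.encode("utf-8")) & 0xFFFFFFFF
    return shard_ranges(q)[min(h // (RING // q), q - 1)]

def reachable(doc_id, stored_on, q):
    """True only if the id happens to hash to the range that holds the doc."""
    return routed_range(doc_id, q) == stored_on

def reachable_fraction(q, samples=2000, seed=0):
    """Share of shard-local docs a client could reach through the cluster API.

    A shard-local doc lives on whichever shard wrote it, independent of its
    id, so the holding range is drawn at random here (constructed data).
    """
    rnd = random.Random(seed)
    ranges = shard_ranges(q)
    hits = 0
    for i in range(samples):
        doc_id = "_local/shard-sync-constructed-%04d" % i  # constructed id
        hits += reachable(doc_id, ranges[rnd.randrange(q)], q)
    return hits / samples

if __name__ == "__main__":
    q = 8  # matches the ?q=8 database created in the session above
    print("ranges:", [range_name(r) for r in shard_ranges(q)])
    print("reachable fraction: %.3f (about 1/q expected)" % reachable_fraction(q))
```

Under these assumptions roughly one shard-local doc in `q` is reachable by id through the cluster interface, so hiding them from `_local_docs` reduces noise but is not an access control.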