When you spoke about readers / members , I am lost. Any docs about that?? I didn't really find by myself.
Readers was an old name for Members ? And it tells writing and reading rights ? If it's right, Can I create a DB with the admin account? Assign the member user1 ? Then replicate in this DB using user1 account? About possible BackDoor -> I think I read on the wiki that a user can't modify him roles (it's even a good thing) Bye Lucas 2012/11/16 svilen <[email protected]> > i have similar scenario (i have user-only databases, as well as > shared ones). > > i use readers/members and ignore roles - they are possible backdoor - > anyone can assign hirsef a role, as long as s/he knows its name. > > once a database has readers/members, noone but those (and the > admins) can access it. (readers means writing too, hence the new name > "members") > > well, u should have at least one admin defined in the couch config. > > i dont know if getting database names can be disabled to non-admins.. > > ciao > svilen > > On Fri, 16 Nov 2012 12:21:25 +0100 > Lucas Toulouse <[email protected]> wrote: > > > Hello, > > I'm a Lucas, I have few questions on the configuration of Couchdb > > Users. > > > > I try to create a Couch with an user = a DB > > And configure user rights according to that. (ie An user can only > > write and read his own Db) > > > > (it's for backup purpose, i have user who have a couchdb in default > > config, and they push a ponctual (not continuons, every 24H) > > replication on a single backup couchdb) > > > > I success to installing, configure my couchDb Admin_server, configure > > an user > > > > But > > * The item roles : [ ] Why is the possible config? It's just a > > label or it's do anything? > > * How to protect database to be read by other user that doesn't > > own the DB in my architecture. > > * It is possible to 'hide' the db name ? > > * In my case, is it more useful to have a DBuser or a DBadmin ? > > > > Thank's a lot for reading me (and take few time to answer me) > > > > Lucas T. >
