CouchDB的安全Android设备(和iOS) [英] CouchDB security for Android Devices (and iOS)
问题描述
我只是工作,通过自己的wiki文章以及有关 CouchDB的安全相关博客文章。
I just worked myself through a wiki article and blogposts regarding CouchDB's security.
现在我想知道这是如何做到的Android。而Android平台的安全性是依靠沙盒应用,所以配置文件不能存储所有的,但应用程序的目录或者SD卡连接。
Now I am wondering how this is done in Android. The Android platforms security is relying on sandboxing applications, so config files can not be stored every but the app directory or maybe the sd card attached.
据我了解,服务器管理员在一个.ini文件和require_valid_user设置以及常规CouchDB的情况下进行配置。
As I learned, server admins are configured in a .ini file and the require_valid_user settings as well in regular CouchDB instances.
在Android上,我知道,那uppon安装,CouchDB是存储与密码生成的服务器管理员的CouchDB的应用程序目录中文本文件。如何在其他配置?
On Android, I know, that uppon installation, CouchDB is storing a generated server admin with password to a textfile in the CouchDB application directory. How about the other configurations?
时的require_valid_user,例如默认设置为true(这是没有必要的?),或者这是怎么解决的?
Is "require_valid_user" for example set to true by default( is this not necessary?), or how is this solved?
如果没有必要的话,我想知道为什么: - )
If it was not necessary, then I would like to know why :-)
(我也张贴了这个问题向CouchDB的邮件列表,如果我得到一个合适的人会在这里更新的答案)
(I also posted this question to the couchdb mailing list and will update the answer here if I get a suitable one)
问候,克里斯
推荐答案
简短的回答是,在Android的CouchDB没有安全。
The short answer is that on Android CouchDB has no security.
CouchDB的规定本身就是一个管理员用户名/密码,您可以要求服务提供你一个数据库,你被赋予管理员凭据,管理员和读者设置需要一个数据库,允许这样的匿名访问的心不是和require_valid_user心不是上。
CouchDB provisions itself an admin user / password, you can ask the service to provision you a database to which you are given admin credentials, an admin and a reader is set on that database so anonymous access isnt allowed and require_valid_user isnt needed.
但是,所有数据都将存储在一个没有安全任何的frontdoor是相当不错狂奔,但窗口是敞开的,如果你有敏感数据,那么你不能使用的沙发上,这是相同的大多数外部存储需要处理Android上的任何可观的数据量的应用程序。
However all of the data is then stored on external storage which has no security whatsoever, the frontdoor is fairly well bolted but the window is wide open, if you have sensitive data then you cannot use couch, this is the same for most applications that need to handle any sizable amounts of data on android.
其值得一提的CouchDB的本地主机上运行,因此数据是谁的人有到您的设备只能访问敏感的,它不让人把它捡起来,从WiFi或等。
Its worth mentioning that couchdb runs on localhost so the data is only sensitive to someone who has access to your device, it doesnt let people pick it up from wifi or such.
今后的几件事情都可能发生变化,内部监督办公室要求每个应用程序有自己的CouchDB的安装及其可能的Android将遵循同样的模式,这意味着每个应用程序将给予鸥服务器管理员凭据并能保护他们的数据因为他们希望,一旦该问题已得到修复我会想办法来移动数据从SD卡或保护数据的SD卡。
Going forward a few things are likely to change, ios requires each application to have its own couchdb install and its likely that android will follow the same model, this means each application will be given gull server admin credentials and can protect their data as they wish, once that issue has been fixed I will be looking into ways to move the data off the sdcard or secure the data on the sdcard.
这篇关于CouchDB的安全Android设备(和iOS)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
