Permalink
Browse files

MB-100: start babysitter node with nocookie

I've seen that if I don't specify cookie then it'll generate some
sensible and randomly-looking cookie itself (but interstingly, not on
windows). So I decided to allow it to use it's own generated cookie.

But I've just found that something (presumably erlang itself) is
saving that generated cookie to /opt/couchbase/.erlang.cookie. That's
world-readable location (at least as of now) and thus is not really
secure.

Starting with nocookie will cause babysitter to generate cookie via
our normal cookie generation code.

Change-Id: Ic5e790d9ddbc4f077f210bf545985081e634695d
Reviewed-on: http://review.couchbase.org/25576
Reviewed-by: Aliaksey Kandratsenka <alkondratenko@gmail.com>
Tested-by: Aliaksey Kandratsenka <alkondratenko@gmail.com>
  • Loading branch information...
1 parent ac41405 commit 6e7cdb0718e4597f08b4af8f22d999a9e171f799 Aliaksey Kandratsenka committed with alk Apr 9, 2013
Showing with 1 addition and 0 deletions.
  1. +1 −0 couchbase-server.sh.in
View
@@ -130,6 +130,7 @@ _start() {
error_logger false \
-sasl sasl_error_logger false \
-name 'babysitter_of_ns_1@127.0.0.1' \
+ -setcookie nocookie \
$* \
-run ns_babysitter_bootstrap -- \
-couch_ini $couch_start_arguments \

0 comments on commit 6e7cdb0

Please sign in to comment.