New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make DRB UI read-only #6792
Comments
RethinkDB has read-only users. So that could be used to implement this. |
@yaneony I'm closing this issue for now. If you would like to reopen it, feel free to do. |
But there is no auth on gui, or?! |
So, maybe I misunderstood but isn’t the Nginx + read-only access a possible workaround? I mean I’m happy to reopen the issue but I thought the conclusion was that. Really sorry for the inconvenience. Should we reopen? |
I don't get why it was closed. What I mean is, this is generally implementable, by having auth on GUI, or even no-auth but some read-only admin user on GUI, depending on how you want to set it up. |
@yaneony |
Please read initial post. Your recommendation is worthless, since, i'll quote:
From here: https://rethinkdb.com/docs/permissions-and-accounts/#the-admin-user |
As for now, web UI gives you full control over all database/server/cluster. Exposing such UI over web is pretty dangerous. Sure, there is still possibility to put it behind apache/nginx with authentification, but still a dangerous thing.
It would be nice to have some king of possibility to turn UI in read-only mode, so it could be seen/checked for stats purpose only like current read/write, cache usage, etc.
The text was updated successfully, but these errors were encountered: