Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-3509

[3.1.2 Backport] Add opt-out for config env var expansion for db configs

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Critical
    • 3.1.2
    • None
    • SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 137
    • 1

    Description

      Config environment variable expansion is always enabled and works for:

      • Legacy config file
      • Startup config file (bootstrap)
      • Persistent database config (REST API)

       

      The last one can be problematic, because remote administrators can define the configuration without access to the machine running Sync Gateway, unlike the first two.

       

      Add a bootstrap config option to disable env var expansion for persistent database configs / database configs via REST API.

      We cannot easily prevent env var expansion for legacy/startup config files, because the option to disable it would be inside the config itself, and is less of an issue when considering the access required to write the bootstrap config file.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            ben.brooks Ben Brooks
            ben.brooks Ben Brooks
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty