  1. Couchbase Server
  2. MB-23110

Separation of Duties - Administrators should not be able to see user data

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • 5.5.0
    • 5.0.0
    • ns_server

    Description

      A frequently requested improvement in our RBAC control is for a user who can perform administrative tasks but not view any of the data.

       

      The use case is for an organization to give its production administrators the ability to add/remove/failover nodes, add/edit/delete bucket configurations but not to be able to see any of the data.  Because of our "Document", "Views" and "Query" UI, all administrators are currently able to view sensitive data which is a big security hole for production deployments.

       

      My suggestion would be to remove access to the "data" APIs for the "Read-only" and "Cluster Admin" roles.  If the end-user wishes to grant data access as well, they can simply add the "data reader" or "query select" roles as well to that user.

       

      With a relatively simple change, this then achieves the need for full separation of duties between administrator and data/developer.
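Under the model proposed above, data access for an administrator becomes an explicit extra grant, so an RBAC user listing can be audited for accounts that combine both duties. The following is an added example, not part of the ticket or of Couchbase's code; the role identifiers, the JSON shape of the listing and the sample users are all assumptions constructed for illustration.

```python
import json

# Assumed role identifiers, modelled on the roles the ticket names.
ADMIN_ROLES = {"cluster_admin", "ro_admin"}    # "Cluster Admin", "Read-only"
DATA_ROLES = {"data_reader", "query_select"}   # "data reader", "query select"

# Constructed sample of an RBAC user listing (not real server output).
SAMPLE_USERS = json.loads("""
[
  {"id": "ops1", "domain": "local",
   "roles": [{"role": "cluster_admin"}]},
  {"id": "ops2", "domain": "local",
   "roles": [{"role": "cluster_admin"},
             {"role": "data_reader", "bucket_name": "orders"}]},
  {"id": "dev1", "domain": "local",
   "roles": [{"role": "query_select", "bucket_name": "orders"}]},
  {"id": "audit1", "domain": "external",
   "roles": [{"role": "ro_admin"},
             {"role": "query_select", "bucket_name": "*"}]}
]
""")


def sod_violations(users):
    """Map 'domain/id' -> admin and data grants for users holding both kinds."""
    findings = {}
    for user in users:
        admin, data = [], []
        for grant in user.get("roles", []):
            name = grant.get("role")
            if name in ADMIN_ROLES:
                admin.append(name)
            elif name in DATA_ROLES:
                # A data grant without a bucket is treated as cluster-wide.
                data.append(f"{name}[{grant.get('bucket_name', '*')}]")
        if admin and data:
            key = f"{user.get('domain', '?')}/{user.get('id', '?')}"
            findings[key] = {"admin": sorted(admin), "data": sorted(data)}
    return findings


if __name__ == "__main__":
    for who, grants in sod_violations(SAMPLE_USERS).items():
        print(f"{who}: admin={grants['admin']} data={grants['data']}")
```

Each reported account is one where the separation was deliberately or accidentally undone and should have a recorded justification.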


            People

              sharal.sonia Sharal Sonia (Inactive)
              perry Perry Krug