Limit access to system information

Hi guys,

I have a security question here. Let’s say I have a DB and couple of applications separated by buckets. I would like to limit their access to their bucket only. This works fine with “bucket password” feature, but I see that using that password they can also query “system” namespace and retrieve any information from there, is it correct? This is potential security breach for me. Can I somehow forbid access to “system” for non-admin users?

I use CB 4.6 CE and NodeJS client.


This is coming in 5.0.

1 Like