rnewson commented on issue #1959: user: rootbakseven shows in _users but was not created URL: https://github.com/apache/couchdb/issues/1959#issuecomment-478343593 The _users database contains no users by default, so the presence of any document in there indicates someone/something has created it. Assuming you've followed the couchdb install steps (or used the wizard in the dashboard which automates them), you have defined at least one admin account (which is not stored in the _users database) with, hopefully, a strong password. This step ensures that anonymous users cannot create or delete databases, nor can they grant themselves access to existing databases. However, they can still make documents in the _users database or any other database that allows anonymous writes. The next major release of CouchDB will change the default permissions of a new database to "admin only" from the current default of allowing anyone to read/write, but you can set this for yourself; curl -X PUT http://user:pass@localhost:5984/_node/_local/_config/couchdb/default_security -d '"admin_only"' Or you can set the _security object of each database (including _users) to suit your specific needs.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
