I’ve been unaware that by default anyone can create a user in the _user file and I have someone doing that on a CouchDB server I run.
From what I’ve been able to learn about this so far I need to modify the "_design/_auth” file to prevent this, but I’m reluctant to muck around with that without knowing exactly how and where I need to edit that file. Any help would be much appreciated. -- Bill Stephenson
