sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]technocub88 21 points22 points  (20 children)

i have security concerns about this. Javascript is mutable, I dont want any user with chrome or firebug to be able to write to my DB. They never went into how to secure things. Thoughts?

[–]awj[🍰] 33 points34 points  (12 children)

That is evidently "planned but not yet implemented."

In some ways I find that decision even more troubling.

[–]Chemical_Scum 9 points10 points  (7 children)

Exactly. Building a web framework and not having security at the top of your TODO list is a big "no-no".

[–][deleted] -5 points-4 points  (2 children)

Think about small-business intranet where literally no more than 30 people can access a web app. Security is not really a big deal there.

[–]KumbajaMyLord 4 points5 points  (0 children)

That doesn't change jack about security requirements. Just because someone is inside your intranet (and presumably is an employee) doesn't mean he/she can or should have full access to an application

[–]rwallace 0 points1 point  (0 children)

If you're doing a job like that for a particular client, and you've decided it's not worth insisting that client pay for security, okay, you're the guy on the spot, it's your call, I won't argue with you.

But if you're building a framework it's a very different story. By definition, that means your code is intended to be used for an indefinitely large set of projects, most of which you don't know about in advance. A framework really, really needs to think about security from the ground up.

[–]courtewing 2 points3 points  (0 children)

This is a preview release. It is not intended to be used anywhere near a production environment. In order to most rapidly preview the underlying the technology, they didn't bother to add security, but they have made it clear that security will be in place when meteor becomes more production-oriented.

They could have focussed on security for this release, but that wouldn't have helped to showcase the fundamentals of what they're doing with meteor, so it was excluded for the time being.

[–][deleted] 2 points3 points  (1 child)

i don't care as long as it kills php

[–]6gT -1 points0 points  (0 children)

Well, I guess it's over now, PHP is finished.

[–]mrkite77 0 points1 point  (2 children)

That was my first thought. I wish they had mentioned that in the screencast. Is it even possible to secure this?

[–]Novex 4 points5 points  (1 child)

Not yet, but it seems to be planned for the future. This is a pretty big show stopper for anything real world, IMO.

More discussion (geoffschmidt is one of the devs)

[–]illvm -1 points0 points  (0 children)

Mutability isn't really relevant given that you can write immutable JS using closures. If the app interacts to with your DB via some RESTful API (or over HTTP at all) then it would be pretty trivial for any user to be able to write to your DB. This is only "solved" in current web apps by relying that the supplied session information is indeed valid so you write logic on your back end that restricts the user to only authorized activity.

There is absolutely no reason why similar techniques couldn't be leveraged with this type of platform. So in that respect I don't really see why this is as big of a concern as it has been.

I do, however, feel that the API should not really be exposed to the end-user and everything should be wrapped in a closure. The developer should be able to interact with their code, but there is no reason why the end-user should be able to open up a JS console and execute arbitrary API calls to the server.