

If MongoDB is unreliable, are services like YC S11 Parse unreliable? - seivan

After reading http://news.ycombinator.com/item?id=3202081 and http://schmichael.com/files/schmongodb/Scaling%20with%20MongoDB%20%28with%20notes%29.pdf<p>I start to wonder if using services like Parse for your backend is a bad idea?
======
TobiHeidi
Parse is very unsecure because you essentially give the user full
read/write/delete access to all of its data as no logic is run server side but
clientside. That means any scriptkiddy can change all data as it likes.

That has nothing to do with MongoDB, but with the cirtical design flaw of
Parse to trust the client not to send fake data.

~~~
ZephyrP
My initial intuition is that such an egregious oversight can't possibly be
real for a YC11 company, can anyone validate this? Does Parse _really_ provide
no way to set document fields writable, readable and so on?

~~~
aherlambang
In Parse you can authorize/de-authorize client permission to get, find,
update, create, and delete for each table

