I read this at the docs:
Database Everywhere. Use the same transparent API to access your database from the client or the server.
You are correct. The developers are currently working on Auth and security concerns. As of now, everything is open and great for creating prototypes and test apps; however, they are vulnerable to users retrieving, removing, or updating data as they like.
See the developer response to this question here: Link
Secure your app by removing the insecure and autopublish packages:
meteor remove insecure autopublish
Meteor now includes restrictions on client database writes (allow and deny) and a complete user accounts system.
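As an added example (not code from the answers above or from Meteor itself), here is what the allow and deny rules mentioned in the last answer look like once the insecure package is removed, together with a small evaluator that reproduces Meteor's documented decision rule (a write is rejected if any deny callback returns true; otherwise at least one allow callback must return true) so the rules can be exercised outside a Meteor process. The Posts collection, the owner and locked fields, and the sample documents are assumptions made for the illustration.

```javascript
// Added example (not from the original answers or from Meteor's own code).
// The rule objects below are in the shape Meteor's Collection.allow() and
// Collection.deny() accept. evaluateWrite() emulates Meteor's documented
// decision for a client-side write: if any deny callback returns true the
// write is rejected; otherwise at least one allow callback must return true.
// With no allow rules registered at all (the state right after
// `meteor remove insecure`), every client write is rejected.
// Collection name, field names and sample documents are constructed here.

// On a Meteor server you would register this as Posts.allow(allowRules).
const allowRules = {
  // Only logged-in users may insert, and only documents they own.
  insert(userId, doc) {
    return userId != null && doc.owner === userId;
  },
  // Only the owner may update, and may not reassign ownership.
  update(userId, doc, fieldNames, modifier) {
    return doc.owner === userId && !fieldNames.includes('owner');
  },
  // Only the owner may remove.
  remove(userId, doc) {
    return doc.owner === userId;
  },
};

// On a Meteor server you would register this as Posts.deny(denyRules).
// Deny rules win over allow rules, so they are the place for hard limits.
const denyRules = {
  update(userId, doc) {
    return doc.locked === true;
  },
  remove(userId, doc) {
    return doc.locked === true;
  },
};

// Emulation of Meteor's rule evaluation. allowSets/denySets are arrays
// because a collection may have .allow()/.deny() called more than once.
function evaluateWrite(op, userId, doc, fieldNames, modifier, allowSets, denySets) {
  const args = [userId, doc, fieldNames || [], modifier || {}];
  const denied = denySets.some(rules => typeof rules[op] === 'function' && rules[op](...args));
  if (denied) return false;
  return allowSets.some(rules => typeof rules[op] === 'function' && rules[op](...args));
}

// Convenience wrapper using the rule sets defined above.
function clientMayWrite(op, userId, doc, fieldNames, modifier) {
  return evaluateWrite(op, userId, doc, fieldNames, modifier, [allowRules], [denyRules]);
}

// Sample documents (constructed for the example).
const alicePost = { _id: 'p1', owner: 'alice', title: 'hello', locked: false };
const lockedPost = { _id: 'p2', owner: 'alice', title: 'frozen', locked: true };

console.log(clientMayWrite('update', 'alice', alicePost, ['title'], { $set: { title: 'hi' } }));      // true
console.log(clientMayWrite('update', 'mallory', alicePost, ['title'], { $set: { title: 'pwned' } })); // false
console.log(clientMayWrite('update', 'alice', lockedPost, ['title'], { $set: { title: 'x' } }));      // false: deny wins
console.log(evaluateWrite('remove', 'alice', alicePost, [], {}, [], []));                             // false: no allow rules
```

The rules only govern writes issued directly from the client; code in Meteor methods running on the server bypasses them, so a method that forwards client input to a collection still needs its own checks. Removing autopublish has the matching effect on reads: after that, a client only sees documents from Meteor.publish functions you write and it subscribes to.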