
Audit system cannot ascribe DDL operations in a sharded cluster to an end user.

    • Type: Bug
    • Resolution: Done
    • Priority: Critical - P2
    • 2.5.5
    • Affects Version/s: 2.5.3
    • Component/s: Security
    • ALL

Because the sharding system does not track the lifetime of databases, collections and indexes, mongos does not know when a database, collection or index is about to be created. As a result, it cannot place an entry into its local audit log about those events. However, it does know the identity of the end users requesting operations. The mongod nodes involved do know about the lifetime of these objects, but in a sharded system they do not know on behalf of which end user the event was triggered. We need some solution that ties these two pieces of information together.

The original auditing proposal was to attach operation ids to all operations, and have mongos report to mongod the id of each source operation that it delegated to mongod. Something like this is one possible solution. Another is to introduce a notion of end-user session, and have mongos inform mongod of the end-user session it is implementing by delegation to mongod. There may be other reasonable solutions, as well.
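As an added illustration (not MongoDB's code, and not the implementation this ticket eventually led to), here is the first proposal in miniature: mongos records the end user for each operation id, mongod records DDL audit events tagged with the delegated operation id, and an audit correlator joins the two so that every DDL event on a shard can be ascribed to an end user. Log formats, field names and all values are constructed for the example; events a shard performs with no delegated id are kept as unattributed rather than dropped.

```python
import json
from collections import defaultdict

# Constructed mongos-side log: mongos knows which end user issued each operation.
MONGOS_LOG = """
{"ts":"2013-10-17T10:00:01Z","opid":"mongos1:41","user":"alice@admin","cmd":"create","ns":"app.orders"}
{"ts":"2013-10-17T10:00:02Z","opid":"mongos1:42","user":"bob@app","cmd":"find","ns":"app.orders"}
{"ts":"2013-10-17T10:00:03Z","opid":"mongos1:43","user":"alice@admin","cmd":"createIndexes","ns":"app.orders"}
"""

# Constructed mongod-side audit log: the shard sees the DDL event and the
# delegated opid, but not the end user (it only sees the mongos connection).
# The last event carries no opid, modelling a locally issued operation.
MONGOD_AUDIT = """
{"ts":"2013-10-17T10:00:01Z","shard":"rs0","opid":"mongos1:41","atype":"createCollection","ns":"app.orders"}
{"ts":"2013-10-17T10:00:03Z","shard":"rs0","opid":"mongos1:43","atype":"createIndex","ns":"app.orders","index":"cust_1"}
{"ts":"2013-10-17T10:00:03Z","shard":"rs1","opid":"mongos1:43","atype":"createIndex","ns":"app.orders","index":"cust_1"}
{"ts":"2013-10-17T10:05:00Z","shard":"rs1","atype":"dropCollection","ns":"app.tmp"}
"""

def parse_lines(text):
    """Parse a newline-delimited JSON log into a list of dicts."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]

def attribute_ddl(mongos_lines, mongod_lines):
    """Join each mongod DDL event to the end user mongos recorded for the same
    opid. Events with a missing or unknown opid are returned separately as
    unattributed so the gap is visible to whoever reviews the audit trail."""
    user_by_opid = {e["opid"]: e["user"] for e in parse_lines(mongos_lines)}
    attributed, unattributed = [], []
    for ev in parse_lines(mongod_lines):
        user = user_by_opid.get(ev.get("opid"))
        if user is None:
            unattributed.append(ev)
        else:
            attributed.append({**ev, "user": user})
    return attributed, unattributed

def ddl_by_user(attributed):
    """Summarize attributed DDL events per end user as a set of (atype, ns, shard)."""
    summary = defaultdict(set)
    for ev in attributed:
        summary[ev["user"]].add((ev["atype"], ev["ns"], ev["shard"]))
    return dict(summary)

if __name__ == "__main__":
    attributed, unattributed = attribute_ddl(MONGOS_LOG, MONGOD_AUDIT)
    for ev in attributed:
        print(ev["user"], ev["shard"], ev["atype"], ev["ns"])
    print("unattributed:", [(e["shard"], e["atype"], e["ns"]) for e in unattributed])
```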

milkie@mongodb.com Eric Milkie
schwerin@mongodb.com Andy Schwerin