Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11928

Cannot downgrade from 2.5.x to 2.4.8 if there are unapplied entries for new-style users in the oplog prior to downgrade.

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Priority: Icon: Minor - P4 Minor - P4
    • None
    • Affects Version/s: 2.4.8
    • Component/s: Security
    • Labels:
      None

      Applying oplog entries creating or manipulating 2.6-style users will cause a fatal error in 2.4. If the secondaries are caught up past all user and role manipulations before the downgrade, they should be fine.

      A solution may be to stop enforcing the form of user documents in 2.4, or to not enforce them during oplog application. This is risky because trivially malformed user documents in 2.4 can grant broad powers to users (i.e., misspelling "roles" as "roels" will lead to a 2.2-style read-write user).

            Assignee:
            Unassigned Unassigned
            Reporter:
            schwerin@mongodb.com Andy Schwerin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: