There are a number of commands that need to be enabled at startup with enableTestCommands=1. We should implement authorization checks for the test commands.

The purpose is to protect against

• unintentionally exposing these commands
• someone maliciously enabling these commands

The test commands are listed at http://docs.mongodb.org/manual/reference/command/nav-testing/

After internal discussions the suggested solution is to create a new action type for running test commands, and give it to the built-in role "root". No other roles should have this permission.