There are a number of commands that need to be enabled at startup with enableTestCommands=1. We should implement authorization checks for the test commands.
The purpose is to protect against
- unintentionally exposing these commands
- someone maliciously enabling these commands
The test commands are listed at http://docs.mongodb.org/manual/reference/command/nav-testing/
After internal discussions the suggested solution is to create a new action type for running test commands, and give it to the built-in role "root". No other roles should have this permission.