  1. Core Server
  2. SERVER-12621

Reduce localhost exception permissions

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 2.5.5
    • 2.7.1
    • Security
    • Fully Compatible

    Description

      Currently the localhost exception gives full privileges to all operations and commands. The purpose is only to create the first admin DB user.

      Hence it would make sense to limit the localhost exception exposure to give the createUser action type on the admin DB, or possibly the UserAdmin role id that is preferable from an implementation perspective.

            People

              amalia.hawkins@10gen.com Amalia Hawkins
              andreas.nilsson Andreas Nilsson