Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12621

Reduce localhost exception permissions

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 2.7.1
    • 2.5.5
    • Security
    • Fully Compatible

    Description

      Currently the localhost exception gives full privileges to all operations and commands. The purpose is only to create the first admin DB user.

      Hence it would make sense to limit the localhost exception exposure to give the createUser action type on the admin DB, or possibly the UserAdmin role id that is preferable from an implementation perspective.

      Attachments

        Activity

          People

            amalia.hawkins@10gen.com Amalia Hawkins
            andreas.nilsson Andreas Nilsson
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: