Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12621

Reduce localhost exception permissions

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.7.1
    • Affects Version/s: 2.5.5
    • Component/s: Security
    • Fully Compatible

      Currently the localhost exception gives full privileges to all operations and commands. The purpose is only to create the first admin DB user.

      Hence it would make sense to limit the localhost exception exposure to give the createUser action type on the admin DB, or possibly the UserAdmin role id that is preferable from an implementation perspective.

            Assignee:
            amalia.hawkins@10gen.com Amalia Hawkins
            Reporter:
            andreas.nilsson Andreas Nilsson
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: