Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.1.8
Affects Version/s: None
Component/s: Replication
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
RPL 9 (09/18/15)
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

As part of liveness detection, the internal replication use of the find and getMore commands can pass a term number as part of the request metadata. In order to prevent lay users from presenting bogus metadata to the server, we need to check that the user running such a find/getMore possesses the same privilege as is required for the other internal replication commands, namely:

 ResourcePattern::forClusterResource(), ActionType::internal

is duplicated by

SERVER-45264 "term" from find/getMore commands can trigger unexpected stepDown

Closed

Assignee:: Benety Goh
Reporter:: Eric Milkie
Participants:: Benety Goh, Eric Milkie, Githook User
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Aug 13 2015 07:47:03 PM UTC
Updated:: Jan 21 2020 03:14:50 PM UTC
Resolved:: Sep 04 2015 03:25:09 PM UTC

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates