-
Type:
Improvement
-
Resolution: Done
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: Replication
-
None
-
Fully Compatible
-
RPL 9 (09/18/15)
-
None
-
3
-
None
-
None
-
None
-
None
-
None
-
None
As part of liveness detection, the internal replication use of the find and getMore commands can pass a term number as part of the request metadata. In order to prevent lay users from presenting bogus metadata to the server, we need to check that the user running such a find/getMore possesses the same privilege as is required for the other internal replication commands, namely:
ResourcePattern::forClusterResource(), ActionType::internal
- is duplicated by
-
SERVER-45264 "term" from find/getMore commands can trigger unexpected stepDown
-
- Closed
-