Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-23799

Authorization check

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Duplicate
    • Affects Version/s: 3.2.5
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Sprint:
      Security 13 (04/22/16)

      Description

      There seems to be a small bug inside the configuration security checks. It seems like is checking for the security.authorization parameter. However, this parameter isn't available in mongos.

      Should this check take in consideration the keyFile or any other internal authentication parameters which can also enable the authorization?

      /usr/bin/mongos --keyFile /tmp/mongodb-mms-automation.lock --configdb 127.0.0.1
      2016-04-19T15:11:51.224+0100 W SHARDING [main] Running a sharded cluster with fewer than 3 config servers should only be done for testing purposes and is not recommended for production.
      2016-04-19T15:11:51.229+0100 I CONTROL  [main] 
      2016-04-19T15:11:51.229+0100 I CONTROL  [main] ** WARNING: Insecure configuration, access control is not enabled and no --bind_ip has been specified.
      2016-04-19T15:11:51.229+0100 I CONTROL  [main] **          Read and write access to data and configuration is unrestricted, 
      2016-04-19T15:11:51.229+0100 I CONTROL  [main] **          and the server listens on all available network interfaces.
      2016-04-19T15:11:51.230+0100 I CONTROL  [main] 
      2016-04-19T15:11:51.230+0100 I ACCESS   [main] permissions on /tmp/mongodb-mms-automation.lock are too open
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              ricardo.lorenzo Ricardo Lorenzo
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: