splitVector should be under a different built-in authorization role

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Unresolved
    • Priority: Major - P3
    • None
    • Affects Version/s: 3.2.11
    • Component/s: Security
    • None
    • Server Security
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      The unofficial, semi-documented splitVector command has its own privilege action and is included in the clusterAdmin role by default. Unfortunately, this means that splitVector cannot be used in Atlas, since Atlas does not make the clusterAdmin role available to users, and does not allow creation of user-defined roles.

      I'd suggest to put splitVector under a different built-in role such as read, readWrite, or dbAdmin.

              Assignee:
              [DO NOT USE] Backlog - Security Team
              Reporter:
              Andre Spiegel
              Votes:
              1 Vote for this issue
              Watchers:
              14 Start watching this issue

                Created:
                Updated: