-
Type: Bug
-
Resolution: Won't Fix
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Security
-
Server Security
-
ALL
-
Security 2018-10-08, Security 2018-10-22
A normal user who has write access to the "local" database is currently not disallowed from writing arbitrary data to the oplog. We should discuss more stringent rules about when (if ever) to allow these kinds of arbitrary oplog writes.
- is depended on by
-
SERVER-26829 Oplog usable as output of mapreduce
- Closed
- related to
-
SERVER-29826 Prevent user writes to internal replication collections
- Closed