Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.6.3, 3.7.1
Affects Version/s: 3.6.0
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v3.6
Sprint:
Platforms 2017-12-18
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

After ~~SERVER-28260~~, a cursor created with an 'lsid' cannot be killed without passing the same lsid:

$ cat killCursorsBug.js
db.test.insertOne({});
var res = db.runCommand({find: "test", batchSize: 0, lsid: {id: BinData(4, "QlLfPHTySm6tqfuV+EOsVA==")}});
res = db.runCommand({killCursors: "test", cursors: [res.cursor.id]});
printjson(res);
$ mongo 'mongodb://user:password@localhost:27017' killCursorsBug.js
MongoDB shell version v3.4.10
connecting to: mongodb://user:password@localhost:27017
MongoDB server version: 3.7.0-180-g09d3d18
WARNING: shell and server versions do not match
{
	"operationTime" : Timestamp(1512435604, 1),
	"ok" : 0,
	"errmsg" : "not authorized on test to execute command { killCursors: \"test\", cursors: [ 78117941810 ], $db: \"test\" }",
	"code" : 13,
	"codeName" : "Unauthorized"
}

killCursors should succeed when run with a different session or even no session at all.

is caused by

SERVER-28260 Create a killAnyCursor privilege

Closed

is related to

DRIVERS-430 Test that killCursors really succeeds

Implementing

Assignee:: Sara Golemon (Inactive)
Reporter:: Shane Harvey
Participants:: A. Jesse Jiryu Davis, Bernie Hackett, Githook User, Sara Golemon, Shane Harvey
Votes:: 0 Vote for this issue
Watchers:: 10 Start watching this issue

Created:: Dec 05 2017 01:09:41 AM UTC
Updated:: Oct 30 2023 11:10:11 PM UTC
Resolved:: Dec 12 2017 08:43:18 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates