Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-35192

Enforce that GETMORE operations can only be run under that cursor's session even without auth

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Won't Fix
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 3.6.5
    • Component/s: None
    • None
    • Query
    • ALL
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      SERVER-28343 enforced that a cursor can only be iterated under the session that created it, but only applied that restriction if auth is turned on. This led to some surprising behavior detailed in SERVER-34417.

      For consistency between auth and no-auth cases, cursors should always require the same session, regardless of whether auth is enabled.

            Assignee:
            backlog-server-query Backlog - Query Team (Inactive)
            Reporter:
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: