-
Type:
Improvement
-
Resolution: Duplicate
-
Priority:
Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Testing Infrastructure
-
None
-
Security 2018-12-31, Security 2019-01-14
Periodically, new commands are introduced which can appear in Oplog entries. When the authorization subsystem sees an entry which applies to the admin database with a command it doesn't recognize, it doesn't know whether its internal caches are in sync with the on-disk representation of data. When this occurs, the authorization subsystem must disable custom roles.
We should modify our auth passthrough suites to use a custom user which obtains the __system role indirectly via a custom role. When a new command is written which appears in the oplog, this test will instantly fail.
- is duplicated by
-
SERVER-38556 Decide what to do with transaction related commands in handleOplogCommand
-
- Closed
-
- is related to
-
-
- Closed
-
- related to
-
-
- Closed
-