Details
- Type: Question
- Resolution: Done
- Priority: Major - P3
Description
If a mongod has authentication on but no admin user, then connections are allowed from localhost, on purpose.
Sun Nov 13 17:04:47 [conn1] note: no users configured in admin.system.users, allowing localhost access
But if you have a sharded environment, the admin user is stored in the config db.
So even if there is an admin user, the individual mongods don't know about it and let you query from localhost.
This seems like a security hole; do we need to allow free localhost access under any circumstances?
It also means that a lot of our tests using authentication pass even though they shouldn't, because authentication is not really enforced (e.g. sharded map/reduce).
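One way to find out, from each shard's mongod log, which connections were admitted under the localhost exception (added example, not part of the ticket or MongoDB's code; the legacy "connection accepted from ... #N" line format and the sample log lines are assumptions/constructed):

```python
import re
from collections import namedtuple

# Assumed legacy (2.x-era) mongod log formats: a connection-accept line and the
# localhost-exception note quoted in the ticket. Timestamps are "Sun Nov 13 17:04:47".
TS = r'(?P<ts>\w{3} \w{3} +\d+ \d\d:\d\d:\d\d)'
ACCEPT_RE = re.compile(
    TS + r' \[\w+\] connection accepted from (?P<src>[\d.]+):\d+ #(?P<conn>\d+)')
LOCALHOST_RE = re.compile(
    TS + r' \[conn(?P<conn>\d+)\] note: no users configured in '
         r'admin\.system\.users, allowing localhost access')

Finding = namedtuple("Finding", "ts conn src")


def find_localhost_exceptions(lines):
    """Return one Finding per connection that mongod let in without auth
    because admin.system.users was empty on that mongod (the localhost exception).
    The source address comes from the earlier 'connection accepted' line for
    the same connection id, or 'unknown' if that line was not seen."""
    sources = {}
    findings = []
    for line in lines:
        m = ACCEPT_RE.match(line)
        if m:
            sources[m.group("conn")] = m.group("src")
            continue
        m = LOCALHOST_RE.match(line)
        if m:
            conn = m.group("conn")
            findings.append(Finding(m.group("ts"), int(conn), sources.get(conn, "unknown")))
    return findings


# Constructed sample log: conn1 is local and hits the exception, conn2 is remote.
SAMPLE_LOG = """\
Sun Nov 13 17:04:46 [initandlisten] connection accepted from 127.0.0.1:52101 #1
Sun Nov 13 17:04:47 [conn1] note: no users configured in admin.system.users, allowing localhost access
Sun Nov 13 17:05:02 [initandlisten] connection accepted from 10.0.0.7:41002 #2
Sun Nov 13 17:05:03 [conn2] end connection 10.0.0.7:41002
""".splitlines()

if __name__ == "__main__":
    for f in find_localhost_exceptions(SAMPLE_LOG):
        print(f"{f.ts}: conn{f.conn} from {f.src} used the localhost exception")
```

Run it over every shard mongod's log, not just the config servers' or mongos logs: a hit on a shard means that mongod has no local admin user and is not enforcing authentication for local clients.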