Security arch guide user management and authz corrections

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Unresolved
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Server Security
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      The arch guide says the UMCTransaction uses the applyOps command (https://github.com/mongodb/mongo/blob/c061668218c8cbff1f508aa0204f452485d4bb36/src/mongo/db/auth/README.md#umc-transactions), but it actually uses normal multi-document transaction syntax (https://github.com/mongodb/mongo/blob/92cc84b0171942375ccbd2312a052bc7e9f159dd/src/mongo/db/commands/user_management_commands.cpp#L775). We should correct this.

      Separately, this section (https://github.com/mongodb/mongo/blob/c061668218c8cbff1f508aa0204f452485d4bb36/src/mongo/db/auth/README.md#authorization-manager-external-state) says "remove cluster config servers" but it should say "remote cluster config servers".

            Assignee:
            [DO NOT USE] Backlog - Security Team
            Reporter:
            Judah Schvimer
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: