Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Critical - P2
Fix Version/s: 2.5.3
Affects Version/s: None
Component/s: Security
Labels:
None
Environment:
all

When dropping a database, any users with privilege documents in that database's system.users collection should have those privileges revoked.

Same is true for removing a user any other way.

depends on

SERVER-8580 User defined roles

Closed

is duplicated by

SERVER-2079 Authenticated Connections do not get terminated when dropDatabase() command is issued.

Closed

SERVER-13148 Authentication still holds after user removed

Closed

SERVER-8591 Revoke privileges for connections authenticated as deleted users

Closed

SERVER-5582 Reset authentication info on active connections for user changes (password, level)

Closed

Assignee:: Spencer Brody (Inactive)

Reporter:: xie zhenye

Participants:: Andy Schwerin, Spencer Brody, xie zhenye

Votes:: 1 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: Jul 27 2012 10:15:43 AM UTC

Updated:: Feb 28 2022 02:05:08 PM UTC

Resolved:: Oct 15 2013 05:51:35 PM UTC