Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Operating System:
ALL
Steps To Reproduce:

Hide

Set file owner to root and group to the group of mongo user.

Set file mode to 640.

Show
Set file owner to root and group to the group of mongo user. Set file mode to 640.
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

Keyfile owned by root:mongo with filesystem mode 640 should really pass the permissions check described here: https://github.com/mongodb/mongo/blob/5bbadc66ed462aed3cc4f5635c5003da6171c25d/src/mongo/db/auth/security_file.cpp#L80

Assignee:: Chris Kelly
Reporter:: Lauri Võsandi
Participants:: Chris Kelly, Lauri Võsandi
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Jun 14 2022 02:16:35 PM UTC
Updated:: Jun 15 2022 03:59:07 PM UTC
Resolved:: Jun 15 2022 03:59:07 PM UTC