-
Type:
Improvement
-
Resolution: Duplicate
-
Priority:
Major - P3
-
None
-
Affects Version/s: 2.4.0-rc0
-
Component/s: Security
-
None
-
Environment:MongoDB 2.4.0-rc0
-
None
-
3
-
None
-
None
-
None
-
None
-
None
-
None
At present, MongoDB does not revoke privileges for connections authenticated as deleted users.
There should be some form of "revocation and expiration of connection privileges" for a connected user if that same is deleted whilst currently logged in.
- duplicates
-
-
- Closed
-