  1. Core Server
  2. SERVER-9475

renameCollection is marked as an admin-only command but can be run without authenticating as admin

Details

    • Type: Bug
    • Resolution: Duplicate
    • Priority: Major - P3
    • None
    • 2.2.4, 2.4.3
    • Security, Usability
    • None
    • standalone MongoDB 2.4.3 Windows 2008R2+ build on Windows 7
    • ALL
    • Steps to reproduce:

      Start mongod with --auth. From the shell:

      use admin
      db.addUser("admin","admin")
      db.auth("admin","admin")
      use rt
      db.addUser("rt","rt")
      use admin
      db.logout()
      use rt
      db.auth("rt","rt")
      db.foo.insert({bar:1})

      If you now run

      db.runCommand({renameCollection:"rt.foo", to:"rt.bar"})


      it fails with

      { "ok" : 0, "errmsg" : "access denied; use admin db" }

      If you now do

      use admin
      db.runCommand({renameCollection:"rt.foo", to:"rt.bar"})

      the rename succeeds even without authenticating using admin credentials.

    Description

      renameCollection is an admin-only command. When auth is turned on, you can rename a collection within the same db even without authenticating with the admin user's credentials.
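
The steps above packaged as a repeatable check for a disposable test instance (an added example for the legacy mongo shell, not code from the ticket or from MongoDB). The function name, the scratch collection names and the result field names are made up for this example; it assumes the `rt`/`rt` user from the steps already exists.

```javascript
// Added example, not part of SERVER-9475. Written for the legacy mongo shell.
// Assumes a disposable test mongod started with --auth and the "rt"/"rt"
// user from the steps above. Collection names are constructed scratch names.
function checkRenameWithoutAdminAuth(conn) {
  var rt = conn.getDB("rt");
  var admin = conn.getDB("admin");
  if (!rt.auth("rt", "rt")) {
    return { tested: false, reason: "could not authenticate as rt" };
  }
  var src = "rename_probe_src";
  var dst = "rename_probe_dst";
  rt.getCollection(dst).drop(); // leftover from an earlier run would block the rename
  rt.getCollection(src).insert({ probe: 1 });
  var cmd = { renameCollection: "rt." + src, to: "rt." + dst };

  // Same command, dispatched on two databases, holding only rt credentials.
  var viaRt = rt.runCommand(cmd);
  // If the first call unexpectedly renamed the collection, skip the second.
  var viaAdmin = viaRt.ok ? { ok: 0, errmsg: "skipped" } : admin.runCommand(cmd);

  // Clean up whichever name the scratch collection ended up with.
  rt.getCollection(src).drop();
  rt.getCollection(dst).drop();
  rt.logout();

  return {
    tested: true,
    rejectedOnRtDb: !viaRt.ok,
    renamedViaAdminDbWithoutAdminAuth: !!viaAdmin.ok,
    adminDbErrmsg: viaAdmin.errmsg || null
  };
}

// In the mongo shell `db` is a global; elsewhere this block does nothing.
if (typeof db !== "undefined") {
  printjson(checkRenameWithoutAdminAuth(db.getMongo()));
}
```

A result with `renamedViaAdminDbWithoutAdminAuth: true` reproduces the behaviour this ticket describes.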

          People

            spencer@mongodb.com Spencer Brody (Inactive)
            sridhar Sridhar Nanjundeswaran