Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-9611

Setting NoCursorTimeout flag in OP_QUERY should require special privilege.

    XMLWordPrintableJSON

Details

    • Server Security

    Description

      Disabling cursor timeout gives the client a means to force the server to leak resources. As such, it should require special privilege beyond "find".

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            schwerin@mongodb.com Andy Schwerin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: