[SERVER-11928] Cannot downgrade from 2.5.x to 2.4.8 if there are unapplied entries for new-style users in the oplog prior to downgrade. Created: 03/Dec/13 Updated: 10/Dec/14 Resolved: 06/Mar/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.4.8 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Andy Schwerin | Assignee: | Unassigned |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
Applying oplog entries creating or manipulating 2.6-style users will cause a fatal error in 2.4. If the secondaries are caught up past all user and role manipulations before the downgrade, they should be fine. A solution may be to stop enforcing the form of user documents in 2.4, or to not enforce them during oplog application. This is risky because trivially malformed user documents in 2.4 can grant broad powers to users (i.e., misspelling "roles" as "roels" will lead to a 2.2-style read-write user). |
| Comments |
| Comment by Andy Schwerin [ 03/Dec/13 ] |
|
dan@10gen.com, I'm not sure if this is worth implementing or not. A proper implementation might stop |