[SERVER-12142] Add action type for test commands Created: 17/Dec/13 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.5.4 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Andreas Nilsson | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | 26qa | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Assigned Teams: |
Server Security
|
||||
| Backwards Compatibility: | Fully Compatible | ||||
| Participants: | |||||
| Description |
|
There are a number of commands that need to be enabled at startup with enableTestCommands=1. We should implement authorization checks for the test commands. The purpose is to protect against
The test commands are listed at http://docs.mongodb.org/manual/reference/command/nav-testing/ After internal discussions the suggested solution is to create a new action type for running test commands, and give it to the built-in role "root". No other roles should have this permission. |
| Comments |
| Comment by Andreas Nilsson [ 07/Jan/14 ] |
|
Closed the wrong issue |