[SERVER-13239] Make eval permission checking more granular Created: 17/Mar/14  Updated: 10/Sep/18  Resolved: 10/Sep/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.6.0-rc1
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Andreas Nilsson Assignee: DO NOT USE - Backlog - Platform Team
Resolution: Done Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Participants:

 Description   

Currently the eval command require all available permissions in order to run. It would be better to only require permissions for the actual operations that is performed by the enclosed script.

This is currently prevented by the way we parse and execute Javascript so it is a non-trivial problem to solve.



 Comments   
Comment by Sara Williamson [ 10/Sep/18 ]

db.eval has been removed.

Comment by Andreas Nilsson [ 27/Mar/14 ]

Ok I see. I agree with the need for a more granular access control of eval. However this will not be released within the near future so finding a way around it, or not using eval is probably the better choice. I have moved the ticket to "Planned but not scheduled".

If you need more practical advice regarding alternatives you can either post a topic to https://groups.google.com/forum/#!forum/mongodb-user or file a support ticket.

Andreas

Comment by Hugues Lismonde [ 27/Mar/14 ]

We use MongoDB "like MySQL", i.e. we have about 50 databases, one per client and obviously they don't have access to each others databases.

Some maintenance operations are done through "executed" (meaning eval'ed apparently) scripts via our CMS. Those scripts could be directly used with the CLI utility but that would mean installing the full suite on every servers. This could be solved that way.

We also have a few operations that are much more easily performed through a javascript script than fetching records and manipulating them "client" side. We don't care much about the write-lock as we have a low write volume and the operation is quite fast. Our main problem here is going through 50+ sites to ensure everything still works fine after rewriting the relevant parts.

Comment by Andreas Nilsson [ 27/Mar/14 ]

hlidobe can you elaborate on your use case a little bit and how you are using eval. Maybe there is a different way forward than having to downgrade to 2.2.

Thank you,
Andreas

Comment by Hugues Lismonde [ 26/Mar/14 ]

This is a huge issue for us. We had to downgrade a new server to 2.2 to overcome this "feature". Our use case imply many small databases with restricted access by clients and we obviously can't grant everyone access to all databases!

Generated at Thu Feb 08 03:31:05 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.