[SERVER-15459] Check new X509 user names against _clusterIdMatch Created: 30/Sep/14 Updated: 03/Feb/20 Resolved: 01/Oct/15 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 3.1.9 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Alexander Komyagin | Assignee: | Spencer Jackson |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Minor Change | ||||||||||||||||
| Sprint: | Security A 10/09/15 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Right now new user names are checked against the current server SN, but it isn't as useful as checking that the new user is not going to be recognized as the system user: https://github.com/mongodb/mongo/blob/r2.6.4/src/mongo/db/commands/authentication_commands.cpp#L343 |
| Comments |
| Comment by Githook User [ 01/Oct/15 ] |
|
Author: {u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}Message: |