[SERVER-19013] Authentication level control per DB Created: 17/Jun/15 Updated: 06/Dec/22 |
|
| Status: | Open |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | features we're not sure of |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Jonathan Abrahams | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Assigned Teams: |
Server Security
|
||||
| Backwards Compatibility: | Fully Compatible | ||||
| Participants: | |||||
| Description |
|
The capability to have authentication enforced on a per DB level. Currently --auth enables authentication on a global level. There are some cases where authentication on a particular DB is not required (collections using data which is not sensitive). |
| Comments |
| Comment by Andreas Nilsson [ 18/Jun/15 ] |
|
I am hesitant to build an access control system that applies selectively to databases for several reasons. 1) We want to move in the direction of enabling auth by default. Two ways around this would be to either set up an "unsafe" mongo node instead or give all their users full privileges to the desired DBs. I will close this as "Won't Fix". |