[SERVER-21113] Allow a single user specified in configuration file to override all other users Created: 24/Oct/15 Updated: 06/Dec/22 Resolved: 30/Dec/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Cailin Nelson | Assignee: | Backlog - Security Team |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Server Security
|
| Participants: |
| Description |
|
Allow a single user, defined in the configuration file to override all other users defined in the system. I.e. something like
If these options are set, the users defined in system.users are ignored. |
| Comments |
| Comment by Scott Hernandez (Inactive) [ 24/Oct/15 ] |
|
How is this different than simply turning off authentication, and starting on a local/protected-port? If recovery is needed and you can change the config and restart the mongodb server then it seems like you can also restrict access to the server/host as well, no? Assuming this type of feature was implemented, how would it work for a sharded cluster or replica set? Is this a single-server only option? |