[SERVER-23672] Separate privilege action for mapreduce Created: 13/Apr/16 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Kevin Pulo | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Assigned Teams: |
Server Security
|
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Currently users with the find privilege action can also run mapReduce commands. Since the performance characteristics of mapReduce can be quite different to those of regular find, it would be very useful to be able to administratively prohibit the running of mapReduce jobs, while still allowing access to the data. Using security.javascriptEnabled: false (aka --noscripting) to disable server-side Javascript is not a practical workaround, because it would only be useful if no other user or db requires access to run mapReduce, and no other user or db requires access to db.eval() (deprecated anyway) or $where. |
| Comments |
| Comment by Spencer Brody (Inactive) [ 13/Apr/16 ] |
|
This feels to me like an extension of |