[SERVER-29014] Consider prohibiting explaining an explain Created: 28/Apr/17 Updated: 06/Dec/22 Resolved: 05/May/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Kyle Suarez | Assignee: | Backlog - Query Team (Inactive) |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Query
|
||||||||
| Participants: | |||||||||
| Description |
|
In CmdExplain::checkAuthForOperation(), we recursively check auth on the contained command. An unauthorized user could then attempt to run an explain on nested explains in an attempt to force the server to consume more resources. The severity of this is minor because we're mostly saved by the BSON depth limit enforced in |
| Comments |
| Comment by Kyle Suarez [ 28/Apr/17 ] |