[SERVER-29826] Prevent user writes to internal replication collections
Created: 23/Jun/17  Updated: 06/Dec/22  Resolved: 15/Aug/19

Status: Closed
Project: Core Server
Component/s: Replication
Affects Version/s: None
Fix Version/s: None

Type: Bug
Priority: Major - P3
Reporter: Matthew Russotto
Assignee: Backlog - Replication Team
Resolution: Duplicate
Votes: 2
Labels: former-quick-wins, neweng
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
depends on SERVER-40560 Ensure system-collection protections ... Closed
Related
related to SERVER-40560 Ensure system-collection protections ... Closed
related to SERVER-44440 Consider disallowing users from writi... Backlog
is related to SERVER-28356 Disallow writes to oplog from all bui... Closed
Assigned Teams: Replication
Operating System: ALL
Backport Requested: v4.0, v3.6
Participants:
Linked BF Score: 67

 Description   

We should prevent CRUD writes, as well as renames, to at least:

  • local.replset.minvalid
  • local.replset.checkpointTimestamp
  • local.replset.oplogTruncateAfterPoint

and possibly others.



 Comments   
Comment by Siyuan Zhou [ 24/Jun/19 ]

We should also prevent CRUD writes to local.system.replset and local.replset.election.

Comment by Spencer Brody (Inactive) [ 31/Jul/17 ]

This should probably be done by leveraging the access control system.

Comment by Judah Schvimer [ 07/Jul/17 ]

Beyond preventing renames, should we also prevent drops, arbitrary updates, inserts, or removes?

Comment by Crystal Horn [ 29/Jun/17 ]

We should do this for all replication internal collections.
