[SERVER-32169] A cursor created with a session cannot be killed outside that session Created: 05/Dec/17  Updated: 30/Oct/23  Resolved: 12/Dec/17

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: 3.6.0
Fix Version/s: 3.6.3, 3.7.1

Type: Bug Priority: Major - P3
Reporter: Shane Harvey Assignee: Sara Golemon
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Problem/Incident
is caused by SERVER-28260 Create a killAnyCursor privilege Closed
Related
is related to DRIVERS-430 Test that killCursors really succeeds Implementing
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v3.6
Sprint: Platforms 2017-12-18
Participants:

 Description   

After SERVER-28260, a cursor created with an 'lsid' cannot be killed without passing the same lsid:

$ cat killCursorsBug.js
db.test.insertOne({});
var res = db.runCommand({find: "test", batchSize: 0, lsid: {id: BinData(4, "QlLfPHTySm6tqfuV+EOsVA==")}});
res = db.runCommand({killCursors: "test", cursors: [res.cursor.id]});
printjson(res);
$ mongo 'mongodb://user:password@localhost:27017' killCursorsBug.js
MongoDB shell version v3.4.10
connecting to: mongodb://user:password@localhost:27017
MongoDB server version: 3.7.0-180-g09d3d18
WARNING: shell and server versions do not match
{
	"operationTime" : Timestamp(1512435604, 1),
	"ok" : 0,
	"errmsg" : "not authorized on test to execute command { killCursors: \"test\", cursors: [ 78117941810 ], $db: \"test\" }",
	"code" : 13,
	"codeName" : "Unauthorized"
}

killCursors should succeed when run with a different session or even no session at all.



 Comments   
Comment by Githook User [ 10/Jan/18 ]

Author:

{'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon', 'username': 'sgolemon'}

Message: SERVER-32169 Allow killCursors to kill across lsids

(cherry picked from commit 0c0133f83aeb7930e90cb006e89cfce68aad2ad2)
Branch: v3.6
https://github.com/mongodb/mongo/commit/28ce0593dc8a3ab228cf14b0fbbc0817f222d0f4

Comment by Githook User [ 12/Dec/17 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-32169 Allow killCursors to kill across lsids
Branch: master
https://github.com/mongodb/mongo/commit/0c0133f83aeb7930e90cb006e89cfce68aad2ad2

Comment by A. Jesse Jiryu Davis [ 05/Dec/17 ]

3.6.0 is ok.

I observed in 3.6.0 with latest PyMongo: PyMongo sends no lsid with killCursors if the cursor is created with an implicit session and is destroyed by the garbage collector. MongoDB replies with the killed cursor's id in the "cursorsKilled" array, indicating (truthfully?) that it actually killed the cursor. sara.golemon thinks that MongoDB 3.6.0 can associate the cursor with its session and kill it successfully even if killCursors is sent with no lsid. I also tried sending killCursors from PyMongo with the wrong lsid and that also appeared to kill the cursor with MongoDB 3.6.0. With the shell also, the wrong lsid is allowed.

New in 3.7.x, PyMongo isn't allowed to call killCursors with no lsid, and as Shane showed above, killCursors with the wrong lsid is also prohibited. We need to change this back to allow killCursors with no lsid or the wrong lsid, so long as the user is authorized to kill this cursor.

I've specified a test (DRIVERS-430) for all drivers that the killCursors reply has an empty "cursorsAlive" array and the expected cursor id is found in the "cursorsKilled" array.

Comment by Githook User [ 05/Dec/17 ]

Author:

{'username': 'estolfo', 'email': 'emily@mongodb.com', 'name': 'Emily'}

Message: Skip cursor reaper test for 3.6, ref: SERVER-32169
Branch: master
https://github.com/mongodb/mongo-ruby-driver/commit/7ef944e57108b812995cff576d05ada673a96fec

Comment by Bernie Hackett [ 05/Dec/17 ]

The reason this is important is that some drivers have to call killCursors explicitly (for example, a no timeout cursor that hasn't been fully iterated is abandoned by the application), often asynchronously on a background thread. For MongoDB 3.6 drivers create an implicit session (or use an already started session from the session pool) for each operation when an explicit session was not provided.

Generated at Thu Feb 08 04:29:24 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.