[SERVER-32894] Disallow creation of `system.indexes` Created: 25/Jan/18 Updated: 30/Oct/23 Resolved: 08/Feb/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Storage |
| Affects Version/s: | None |
| Fix Version/s: | 3.7.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Daniel Gottlieb (Inactive) | Assignee: | Tess Avitabile (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Minor Change | ||||||||
| Operating System: | ALL | ||||||||
| Steps To Reproduce: | db.createCollection("system.indexes") |
||||||||
| Sprint: | Storage 2018-01-29, Storage 2018-02-12 | ||||||||
| Participants: | |||||||||
| Linked BF Score: | 0 | ||||||||
| Description |
|
Inserting into `system.indexes` is disallowed, but an explicitly create collection command goes through. This has some interesting, problematic side-effects. For example:
Particularly between 2 and 3, this prevents us from properly verifying a legally ordered sequence of updates on all document in WiredTiger. I would imagine this is also possible on earlier versions, but I haven't verified. |
| Comments |
| Comment by Githook User [ 08/Feb/18 ] | ||||
|
Author: {'email': 'tess.avitabile@mongodb.com', 'name': 'Tess Avitabile', 'username': 'tessavitabile'}Message: | ||||
| Comment by Tess Avitabile (Inactive) [ 25/Jan/18 ] | ||||
|
Ah, though I suppose that could affect the ability to create an index by performing an insert on system.indexes. I'll reconsider... | ||||
| Comment by Tess Avitabile (Inactive) [ 25/Jan/18 ] | ||||
|
This is not an issue for rename due to the following check:
I think we could prevent users from creating the namespace system.indexes by removing it from this whitelist of system namespaces users are allowed to create. |