[SERVER-36829] Cursors should be killable by their originating user Created: 23/Aug/18  Updated: 29/Oct/23  Resolved: 21/Nov/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.1.6

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
is documented by DOCS-12221 Docs for SERVER-36829: Cursors should... Closed
Related
related to SERVER-36266 Add auth rules for $backupCursor aggr... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2018-09-24, Security 2018-10-08, Security 2018-10-22, Security 2018-11-05, Security 2018-11-19, Security 2018-12-03
Participants:

 Description   

A user should be able to kill any cursor they spawned, regardless of the privileges they possess, and reguardless of what aggregation stage or command produced the cursor.



 Comments   
Comment by Githook User [ 21/Nov/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36829: Let users kill their own cursors
Branch: master
https://github.com/mongodb/mongo/commit/ebd39fc0df856937c0be9d5c686f841ef02abb55

Generated at Thu Feb 08 04:44:12 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.