[SERVER-37702] config.transactions entry should not include the uid portion of the LogicalSessionId Created: 22/Oct/18 Updated: 27/Oct/23 Resolved: 23/Oct/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 4.1.4 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Randolph Tan | Assignee: | [DO NOT USE] Backlog - Sharding Team |
| Resolution: | Works as Designed | Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Assigned Teams: | Sharding |
| Operating System: | ALL |
| Description |
|
Consequently, the SessionsCatalog should only include the uuid and not the uid as well. |
| Comments |
| Comment by Mira Carey [ 23/Oct/18 ] |
|
100%, lsids have to be uid + id. The uid is the part that's validated and prevents users from spoofing each other. It was never intended that the id be used by itself for anything (other than allowing clients to "create" lsids without talking to the server. I.e. after ingress, the intention was that we would always fill in the uid portion and the bare id would never be used) |
| Comment by Andy Schwerin [ 23/Oct/18 ] |
|
I believe this is incorrect. In order to prevent a malicious user from interfering with another user, the user id must be a component of the lsid in all comparisons. That prevents the malicious user from choosing another user's lsid to cause harm. |
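
The point made in the two comments above, that the catalog key must combine the client-chosen id with a uid the server fills in at ingress, shown as an added example that is not part of the ticket or of MongoDB's code. The class names, the `uid_for` helper and the modeling of uid as a SHA-256 digest of `user@db` are assumptions of this example, and the sample id is constructed.

```python
import hashlib
import uuid

def uid_for(user: str, db: str) -> bytes:
    # Assumption of this example: uid is modeled as SHA-256 of "user@db".
    return hashlib.sha256(f"{user}@{db}".encode()).digest()

class IdOnlyCatalog:
    """Hypothetical catalog keyed by the client-chosen id alone."""
    def __init__(self):
        self._entries = {}

    def record(self, auth_user, lsid, txn_number):
        # Every authenticated user presenting this id lands on the same entry.
        self._entries[lsid["id"]] = {"owner": auth_user, "txnNum": txn_number}

    def lookup(self, auth_user, lsid):
        return self._entries.get(lsid["id"])

class FullLsidCatalog:
    """Hypothetical catalog keyed by (id, uid), with uid set by the server."""
    def __init__(self):
        self._entries = {}

    def _key(self, auth_user, lsid):
        # Any uid sent by the client is ignored; it is derived from the
        # authenticated identity, so it cannot be chosen by the caller.
        return (lsid["id"], uid_for(*auth_user))

    def record(self, auth_user, lsid, txn_number):
        entry = {"owner": auth_user, "txnNum": txn_number}
        self._entries[self._key(auth_user, lsid)] = entry

    def lookup(self, auth_user, lsid):
        return self._entries.get(self._key(auth_user, lsid))

def demo():
    alice, mallory = ("alice", "admin"), ("mallory", "admin")
    shared_id = uuid.UUID("00000000-0000-4000-8000-000000000001")  # constructed
    results = {}
    for name, cat in (("id_only", IdOnlyCatalog()), ("id_uid", FullLsidCatalog())):
        cat.record(alice, {"id": shared_id}, 5)
        # A second user reuses the same id and claims alice's uid in the message.
        cat.record(mallory, {"id": shared_id, "uid": uid_for(*alice)}, 99)
        # What alice sees for her own session afterwards.
        results[name] = cat.lookup(alice, {"id": shared_id})["txnNum"]
    return results
```

With the id-only key, alice's entry is overwritten by the second user's write; with the (id, uid) key the two users hold separate entries even though the id is identical.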
| Comment by Kaloian Manassiev [ 23/Oct/18 ] |
|
I think this is pretty significant upgrade work, because we already have a unique index on that collection (and config.system.sessions as well), so that would have to be done under an FCV transition. Also, if there are two sessions in the table with the same UID, they will have to be merged together using some logic. Perhaps the latest transaction wins? |