[SERVER-39058] Synchronize user set modification in AuthorizationSession with Client Created: 17/Jan/19  Updated: 29/Oct/23  Resolved: 27/Feb/19

Status: Closed
Project: Core Server
Component/s: Internal Code, Security
Affects Version/s: None
Fix Version/s: 3.4.20, 3.6.12, 4.0.7, 4.1.9

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: RF
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Duplicate
Related
Backwards Compatibility: Fully Compatible
Backport Requested:
v4.0, v3.6, v3.4
Sprint: Security 2019-02-11, Security 2019-02-25, Security 2019-03-11
Participants:
Case:

 Description   

The CurrentOp command interacts with other operation's Client objects, and examines the users in their AuthorizationSessions. Those AuthorizationSessions users should be synchronized with their Client's lock.



 Comments   
Comment by Githook User [ 04/Mar/19 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-39058 Synchronize user set modification in AuthorizationSession with Client

(cherry picked from commit a9277e874039f32ce0d848fcdfb10de705c96fd9)
Branch: v3.4
https://github.com/mongodb/mongo/commit/447847d93d6e0a21b018d5df45528e815c7c13d8

Comment by Githook User [ 01/Mar/19 ]

Author:

{'name': 'Shreyas Kalyan', 'username': 'shreyaskalyan', 'email': 'shreyas.kalyan@10gen.com'}

Message: SERVER-SERVER-39058 Synchronize user set modification in AuthorizationSession with Client

(cherry picked from commit a9277e874039f32ce0d848fcdfb10de705c96fd9)
Branch: v3.6
https://github.com/mongodb/mongo/commit/a02a0b224ffef64c82ddbb1207cc1737e269dc8f

Comment by Githook User [ 01/Mar/19 ]

Author:

{'name': 'Shreyas Kalyan', 'username': 'shreyaskalyan', 'email': 'shreyas.kalyan@10gen.com'}

Message: SERVER-39058 Synchronize user set modification in AuthorizationSession with Client

(cherry picked from commit a9277e874039f32ce0d848fcdfb10de705c96fd9)
Branch: v4.0
https://github.com/mongodb/mongo/commit/57913e5f6a53de4b98f230006b4398aad2a32d87

Comment by Githook User [ 27/Feb/19 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-39058 Synchronize user set modification in AuthorizationSession with Client
Branch: master
https://github.com/mongodb/mongo/commit/a9277e874039f32ce0d848fcdfb10de705c96fd9

Comment by Bruce Lucas (Inactive) [ 19/Jan/19 ]

The user-visible symptom is a segfault in mongo::AuthorizationSession::isCoauthorizedWithClient called from the currentOp command.

Generated at Thu Feb 08 04:50:53 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.