[SERVER-4614] mongorestore ignores perrmissions and acts like it worked Created: 04/Jan/12  Updated: 11/Jul/16  Resolved: 05/Jan/12

Status: Closed
Project: Core Server
Component/s: Security, Tools
Affects Version/s: 2.0.1
Fix Version/s: 2.1.0

Type: Bug Priority: Major - P3
Reporter: Andrew Harbick Assignee: Ben Becker
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Ubuntu (server) OS X (where I ran mongorestore)


Operating System: ALL
Participants:

 Description   

I ran this:

mongorestore --password MYPASSWORD --username aharbick --host productionhost:27017 --db locos_production --drop /Users/aharbick/databasedump.bson
connected to: productionhost:27017
Wed Jan 4 10:48:53 /Users/aharbick/databasedump.bson
Wed Jan 4 10:48:53 going into namespace [locos_production.collection]
Wed Jan 4 10:48:53 dropping
2145 objects found

HOWEVER aharbick is a readonly account:

aharbick.local:~/Projects/locos$ mongo productionhost/locos_production --username aharbick --password MYPASSWORD
MongoDB shell version: 2.0.1
connecting to: productionhost/locos_production
> db.collection.count()
2150
> db.collection.save(

{a: 1, b:2}

)
unauthorized

Furthermore, the mongrestore while appearing to have dropped my data and restored 2145 objects it didn't ACTUALLY do that.



 Comments   
Comment by auto [ 27/Jan/12 ]

Author:

{u'login': u'RedBeard0531', u'name': u'Mathias Stearn', u'email': u'mathias@10gen.com'}

Message: Extend Auth::Level auth() parameter to whole DBClient inheritance tree

Follow-up to commit 02853421 SERVER-4614
Warning from -Woverloaded-virtuals SERVER-4802
Branch: master
https://github.com/mongodb/mongo/commit/d841b9ea6a9161be9b8f0adad0905b091ce201d0

Comment by auto [ 05/Jan/12 ]

Author:

{u'login': u'', u'name': u'Ben Becker', u'email': u'ben.becker@10gen.com'}

Message: SERVER-4614: prohibit read-only users from restoring data via mongorestore
Branch: master
https://github.com/mongodb/mongo/commit/02853421e338a934f1a09582ac4d1f7e4906818b

Generated at Thu Feb 08 03:06:30 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.