[SERVER-50394] mongod audit log attributes DDL operations to the __system user in a sharded environment Created: 19/Aug/20 Updated: 29/Oct/23 Resolved: 18/Sep/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 4.0.20, 3.6.19 |
| Fix Version/s: | 4.8.0, 4.2.10, 4.4.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Eric Sedor | Assignee: | Sara Golemon |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||||||
| Backwards Compatibility: | Minor Change | ||||||||||||||||||||||||||||||||||||
| Operating System: | ALL | ||||||||||||||||||||||||||||||||||||
| Backport Requested: |
v4.4, v4.2, v4.0, v3.6
|
||||||||||||||||||||||||||||||||||||
| Sprint: | Security 2020-09-21 | ||||||||||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||||||||||||||||||||||
| Linked BF Score: | 50 | ||||||||||||||||||||||||||||||||||||
| Description |
|
Seemingly related to CRUD operations are correctly attributed. A partial workaround is to use auditAuthorizationSuccess and an auditFilter focusing on DDL operations, on mongos nodes, to obtain authCheck audits from the mongos. But this is not applicable in all cases (ex: implicit collection creation) |
| Comments |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: (cherry picked from commit cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30) |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: (cherry picked from commit 6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c) |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: (cherry picked from commit cf4fa7e9e0b5a1b0c358da1c981083b5ec179c30) |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: (cherry picked from commit 6fc0bd5c1e426b135c7dadb90b9b27fe2d25e76c) |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: |
| Comment by Githook User [ 18/Sep/20 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: |