[SERVER-60907] createUser command silently ignores invalid options in role object Created: 21/Oct/21 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Brown | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Server Security
|
| Participants: |
| Description |
|
Tested on 4.4.10 and 5.0.3, same behavior. Invalid options inside a role object are silently ignored. There should be an error. Steps to Reproduce: The invalid option "blahblah" is silently ignored. It is not just the shell helper; the createUser database command has the same behavior when directly invoked.
|