[SERVER-64029] Prohibit impersonating multiple users Created: 28/Feb/22 Updated: 29/Oct/23 Resolved: 09/Jan/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 6.3.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Sara Golemon | Assignee: | Shreyas Kalyan |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | Security 2022-03-07, Security 2022-11-14, Security 2022-11-28, Security 2022-12-12, Security 2022-12-26, Security 2023-01-09 | ||||||||||||
| Participants: | |||||||||||||
| Comments |
| Comment by Githook User [ 06/Jan/23 ] | |||
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: | |||
| Comment by Githook User [ 06/Jan/23 ] | |||
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: | |||
| Comment by Shreyas Kalyan [ 07/Dec/22 ] | |||
|
varun.ravichandran@mongodb.com that's a great question, but since the work for this was already mostly underway, and since there is not really anything controversial about this ticket, I think we can just do it as a one off, rather than as part of an epic. | |||
| Comment by Spencer Jackson [ 05/Dec/22 ] | |||
|
shreyas.kalyan@mongodb.com sara.golemon@mongodb.com I think there are two relevant, user facing changes that we might want to consider regarding impersonation. In the impersonated user metadata, we store the list of users that mongos is impersonating, and we propagate this information to the shard servers for various purposes. This doesn't really need to be a list. Fortunately, we reject any metadata payloads which are given to us but contain more than one user. The consequences of this are pretty minor, but users show up as array in both slow query logs and
and in audit logs
Between these, the audit logs are probably the most impactful, and easiest to change.
| |||
| Comment by Sara Golemon [ 10/Mar/22 ] | |||
|
Deferring till post 6.0 to accommodate mixed version clusters. |