[SERVER-68203] Ensure change collection is only accessed by root like users Created: 21/Jul/22 Updated: 29/Oct/23 Resolved: 08/Sep/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 6.1.0-rc2, 6.2.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Rishab Joshi (Inactive) | Assignee: | Denis Grebennicov |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | pm-2334-m3 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Sprint: | QE 2022-09-19 |
| Participants: |
| Description |
|
The change collection is a system collection. A system collection is supposed to be inaccessible to the end-user. We should develop test cases to ensure that it is not accessible to the end-user. We should also ensure that the admin/root-like user can access it. |
| Comments |
| Comment by Githook User [ 08/Sep/22 ] |
|
Author: {'name': 'Denis Grebennicov', 'email': 'denis.grebennicov@mongodb.com', 'username': 'denis631'}Message: |