[SERVER-778] don't give read lock when write lock needed in weird auth case Created: 18/Mar/10 Updated: 12/Jul/16 Resolved: 11/May/10 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.5.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Aaron Staple | Assignee: | Eliot Horowitz (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: |
| Description |
|
So I was able to create a new WRITE command that got run with a read lock and did an insert without asserting. Presumably a lockType=WRITE/requiresAuth=false combo is unusual. There are a couple such commands right now, but I think they would more properly have read locks. Might be worth putting a guard in execCommand() anyway. struct BogusCmd : public Command { virtual LockType locktype() { return WRITE; }virtual bool requiresAuth() { return false; }virtual bool run(const char * badns, BSONObj& cmdObj, string& errmsg, BSONObjBuilder& result, bool) { log() << "mutex state: " << dbMutex.getState() << endl; BSONObj o = BSON( "a" << "b" ); theDataFileMgr.insert( "test.test", o ); return true; }} bogusCommand; |
| Comments |
| Comment by auto [ 11/May/10 ] |
|
Author: {'login': 'erh', 'name': 'Eliot Horowitz', 'email': 'eliot@10gen.com'}Message: |
| Comment by Aaron Staple [ 18/Mar/10 ] |
|
My fix made it impossible for a read only user to use db.eval, since $eval is a WRITE mode command and once a write lock is acquired that's currently how auth is checked. Is $eval a write lock command because we have trouble running multithreaded js? If this is the case you'll run into trouble when someone only has read access, because $eval will run with a read lock instead. I'm not sure it always makes sense for the lock type to be tied to the access type. |
| Comment by auto [ 18/Mar/10 ] |
|
Author: {'login': 'astaple', 'name': 'Aaron', 'email': 'aaron@10gen.com'}Message: Revert " This reverts commit ad6e86e451b94230041d413e7c46fc0ad30c7633. |
| Comment by Aaron Staple [ 18/Mar/10 ] |
|
Just going to allow running with a write lock when the command doesn't require auth. There's no checking the lock type farther down, and we don't want to run with the wrong type. |
| Comment by auto [ 18/Mar/10 ] |
|
Author: {'login': 'astaple', 'name': 'Aaron', 'email': 'aaron@10gen.com'}Message: |