[SERVER-9446] No sanity check of role existence when creating users

Created: 24/Apr/13 | Updated: 11/Jul/16 | Resolved: 20/Sep/13

| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.4.3 |
| Fix Version/s: | 2.5.3 |
| Type: | Bug |
| Priority: | Major - P3 |
| Reporter: | Andreas Nilsson |
| Assignee: | Spencer Brody (Inactive) |
| Resolution: | Done |
| Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Issue Links: | |
| Operating System: | ALL |
| Participants: | |

Description
When calling AddUser to add a new user, or when modifying the roles array, no verification is done that the role actually exists. This allows simple typos to cause unpredictable authorization behavior and potentially permission problems that are very difficult to troubleshoot. If the system allowed custom-defined roles, the case would be even stronger.
Comments

Comment by Spencer Brody (Inactive) [ 20/Sep/13 ]

This was done as part of

Comment by David Hows [ 06/May/13 ]

This should also cover cases such as where the user exists only on a given database, such as the admin-db-only roles (readAnyDatabase/readWriteAnyDatabase/userAdminAnyDatabase/dbAdminAnyDatabase/clusterAdmin).
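The check the description asks for, and the admin-database-only case raised in the comment above, as an added example that is not MongoDB's code and not part of this ticket: a pre-flight validation of a roles array that rejects unknown role names (with a closest-match hint so a typo is obvious), rejects admin-only roles requested on any other database, and refuses to add the user unless every role passes. `KNOWN_ROLES` is assumed to be the built-in role set of MongoDB 2.4 (no custom roles); `fakeDb` and `addUserChecked` are constructed stand-ins, not the server's AddUser.

```javascript
// Assumption: the built-in roles available in MongoDB 2.4 (no user-defined roles).
const KNOWN_ROLES = new Set([
  "read", "readWrite", "dbAdmin", "userAdmin", "clusterAdmin",
  "readAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase",
]);

// Roles that only exist on the admin database (the list from the comment on this ticket).
const ADMIN_ONLY_ROLES = new Set([
  "readAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase",
  "dbAdminAnyDatabase", "clusterAdmin",
]);

// Edit distance between two strings, single-row dynamic programming.
function levenshtein(a, b) {
  const prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = prev[0];
    prev[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = prev[j];
      prev[j] = Math.min(prev[j] + 1, prev[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = tmp;
    }
  }
  return prev[b.length];
}

// Closest known role name (case-insensitive) if it is within two edits, else null.
function closest(role) {
  let best = null, bestDist = Infinity;
  for (const known of KNOWN_ROLES) {
    const d = levenshtein(role.toLowerCase(), known.toLowerCase());
    if (d < bestDist) { bestDist = d; best = known; }
  }
  return bestDist <= 2 ? best : null;
}

// Validate a roles array for a user on database `dbName`.
// Returns { ok: true } or { ok: false, errors: [...] } with one message per problem.
function validateRoles(dbName, roles) {
  if (!Array.isArray(roles) || roles.length === 0) {
    return { ok: false, errors: ["roles must be a non-empty array"] };
  }
  const errors = [];
  for (const role of roles) {
    if (typeof role !== "string") {
      errors.push("role must be a string: " + JSON.stringify(role));
      continue;
    }
    if (!KNOWN_ROLES.has(role)) {
      const hint = closest(role);
      errors.push('unknown role "' + role + '"' + (hint ? ' (did you mean "' + hint + '"?)' : ""));
      continue;
    }
    if (ADMIN_ONLY_ROLES.has(role) && dbName !== "admin") {
      errors.push('role "' + role + '" only exists on the admin database, not "' + dbName + '"');
    }
  }
  return errors.length ? { ok: false, errors } : { ok: true };
}

// Constructed in-memory stand-in for a database handle (not a real MongoDB connection).
function fakeDb(name) {
  return { name, users: [] };
}

// Stand-in for an AddUser call that refuses to create the user unless the roles validate.
// Throws with every problem listed, so a typo is reported instead of silently stored.
function addUserChecked(db, spec) {
  const result = validateRoles(db.name, spec.roles);
  if (!result.ok) {
    throw new Error("addUser refused for " + JSON.stringify(spec.user) + ": " + result.errors.join("; "));
  }
  db.users.push({ user: spec.user, roles: spec.roles.slice() });
  return true;
}

// Usage: a typo'd role is rejected before anything is written.
const demoDb = fakeDb("test");
try {
  addUserChecked(demoDb, { user: "alice", roles: ["readWrte"] });
} catch (e) {
  console.log(e.message);
}
addUserChecked(demoDb, { user: "alice", roles: ["readWrite"] });
console.log(demoDb.users);
```

The closest-match hint is only advisory; the decision is a strict membership test against the known role set, so a role that is misspelled beyond the hint threshold is still refused rather than guessed at.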