[SERVER-9701] Incorrect warning msg about localhost access enabled Created: 15/May/13 Updated: 05/Jan/16 Resolved: 05/Jan/16 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code, Security |
| Affects Version/s: | 2.4.3 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Andreas Nilsson | Assignee: | Rahul Dhodapkar |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Operating System: | ALL |
| Steps To Reproduce: | conn = startMongod( "--auth", var testDB = conn.getDB('test'); ); This will print the warning while still disallowing the insert and find. |
| Sprint: | Security E (01/01/16) |
| Participants: |
| Description |
|
When disabling the localhost authentication exception the server still prints the warning: "note: no users configured in admin.system.users, allowing localhost access" |
| Comments |
| Comment by Rahul Dhodapkar [ 05/Jan/16 ] |
|
Works as intended in 3.2.0 community and enterprise. Did a significant amount of refactoring around the localhost exception in 3.0, so this was probably resolved. |