Core Server / SERVER-12616

can run adminCommands on mongos without authorization if config servers are down

    • Type: Bug
    • Resolution: Done
    • Priority: Critical - P2
    • Fix Version/s: 2.6.0-rc0
    • Affects Version/s: 2.5.5
    • Component/s: Security
    • Labels: None
    • Backwards Compatibility: Fully Compatible
    • Operating System: ALL

      When all config servers are down, admin commands can be executed on a mongos without the necessary privileges.

      Reproduction steps:

      1. start sharded cluster with --keyFile authentication, add users
      2. kill all config servers
      3. log into mongos and execute admin commands that would otherwise require certain privileges, e.g. serverStatus would require clusterAdmin role

      jstest is attached.

      Example shell transcript:

      with config server (here only 1) running

      mongo
      MongoDB shell version: 2.5.5
      connecting to: test
      Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }
      mongos> db.adminCommand('serverStatus')
      {
              "ok" : 0,
              "errmsg" : "not authorized on admin to execute command { serverStatus: 1.0 }",
              "code" : 13
      }
      mongos>
      bye
      

      kill config server

      (ve)tr@enter:~/Documents/tmp$ psmongo
      tr              86292   0.5  0.3  2751984  44876   ??  S     9:50pm   0:10.92 mongod --dbpath /Users/tr/Documents/tmp/data/config/db --logpath /Users/tr/Documents/tmp/data/config/mongod.log --port 27020 --logappend --keyFile /Users/tr/Documents/tmp/data/keyfile --configsvr --fork
      tr              86262   0.4  0.1  2718168  10840   ??  S     9:47pm   0:10.07 mongod --dbpath /Users/tr/Documents/tmp/data/shard01/db --logpath /Users/tr/Documents/tmp/data/shard01/mongod.log --port 27018 --logappend --keyFile /Users/tr/Documents/tmp/data/keyfile --fork
      tr              86265   0.4  0.1  2718168  10540   ??  S     9:47pm   0:09.96 mongod --dbpath /Users/tr/Documents/tmp/data/shard02/db --logpath /Users/tr/Documents/tmp/data/shard02/mongod.log --port 27019 --logappend --keyFile /Users/tr/Documents/tmp/data/keyfile --fork
      tr              86271   0.3  0.0  2489404   6844   ??  S     9:47pm   0:07.25 mongos --logpath /Users/tr/Documents/tmp/data/mongos.log --port 27017 --configdb enter.local:27020 --logappend --keyFile /Users/tr/Documents/tmp/data/keyfile --fork
      (ve)tr@enter:~/Documents/tmp$ kill 86292
      

      Trying the same command again

      (ve)tr@enter:~/Documents/tmp$ mongo
      MongoDB shell version: 2.5.5
      connecting to: test
      mongos> db.adminCommand('serverStatus')
      {
              "host" : "enter.local",
              "version" : "2.5.5",
              "process" : "mongos",
              "pid" : NumberLong(86271),
              "uptime" : 1821,
      ...
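      The regression check below is an added example written for this report; it is not the attached mongos_authed_noconfig.js and not MongoDB's own test. The pure helper classifyUnauthedReply() decides whether an unauthenticated mongos connection was correctly denied, was wrongly allowed (the bypass described above), or hit an unrelated error, and is fed two constructed replies modeled on the transcripts. The driver at the bottom only runs inside the mongo shell, where ShardingTest, MongoRunner and assert.eq exist; its option names (keyFile, st.c0, the createUser roles) are assumptions about the shell test helpers of that era, not something confirmed by this page.

```javascript
// Added regression check for SERVER-12616 (example code, not the attached jstest).
// Classify a mongos adminCommand reply obtained from a connection that has NOT
// authenticated:
//   "denied"   - authorization enforced: ok 0 and code 13 (Unauthorized)
//   "bypassed" - the command ran and returned data, i.e. authz was not enforced
//   "error"    - some other failure (e.g. config servers unreachable); acceptable
//                as long as no privileged data came back
function classifyUnauthedReply(res) {
  if (res.ok === 1) return "bypassed";
  if (res.code === 13 || /not authorized/.test(res.errmsg || "")) return "denied";
  return "error";
}

// Constructed replies mirroring the two transcripts in the report.
// The config-down reply is truncated on the page; the ok: 1 field is assumed,
// since a successful serverStatus always carries it.
const REPLY_WITH_CONFIG_UP = {
  ok: 0,
  errmsg: "not authorized on admin to execute command { serverStatus: 1.0 }",
  code: 13,
};
const REPLY_WITH_CONFIG_DOWN = {
  host: "enter.local", version: "2.5.5", process: "mongos", uptime: 1821, ok: 1,
};

// Convenience wrapper used by the driver and by stand-alone checks.
function authzEnforced(res) {
  return classifyUnauthedReply(res) !== "bypassed";
}

// Driver: runs only inside the mongo shell (ShardingTest is undefined under node).
// Builds a keyFile-authenticated sharded cluster with a single config server,
// creates an admin user so the localhost exception closes, stops the config
// server, and asserts that an unauthenticated serverStatus is still refused.
// ShardingTest option names, st.c0 and the role names are assumptions.
if (typeof ShardingTest !== "undefined") {
  var st = new ShardingTest({shards: 2, mongos: 1, config: 1,
                             keyFile: "jstests/libs/key1"});
  var admin = st.s.getDB("admin");
  admin.createUser({user: "admin", pwd: "pwd",
                    roles: ["clusterAdmin", "userAdminAnyDatabase"]});

  var before = admin.runCommand({serverStatus: 1});
  assert.eq("denied", classifyUnauthedReply(before), tojson(before));

  MongoRunner.stopMongod(st.c0);  // take the only config server down
  var after = admin.runCommand({serverStatus: 1});
  // Any outcome other than a successful reply is acceptable here.
  assert(authzEnforced(after), "authz bypassed with config server down: " + tojson(after));
  st.stop();
}
```

      Under node only the classifier and the constructed replies run, which is enough to check the decision logic; inside the mongo shell the driver exercises the real cluster and fails on a build that still has this bug.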
      

        Attachments: mongos_authed_noconfig.js (1 kB, Thomas Rueckstiess)

            Assignee: Andy Schwerin (schwerin@mongodb.com)
            Reporter: Thomas Rueckstiess (thomas.rueckstiess@mongodb.com)
            Votes: 0
            Watchers: 9
