Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.3.10
Affects Version/s: None
Component/s: Security
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Sprint:
Security 16 (06/24/16)
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

~~SERVER-21486~~ resulted in us remove the 'bypassDocumentValidation' action from all privileges returned when a 3.0 mongos talks to a 3.2 mongod. This is a hack to preserve backwards compatibility with 3.0 without requiring users to upgrade to a new version of 3.0. With ~~SERVER-21535~~ implemented, however, we won't have these backwards compatibility problems in the future, so the code added for ~~SERVER-21486~~ can be removes as soon as we've branched 3.2 and are working on the 3.3/3.4 release.

NOTE: ~~SERVER-21659~~ changed the implementation of privilege redaction from what was originally implemented in ~~SERVER-21486~~

is related to

SERVER-21631 Remove gleStats format detection based on operation Protocol (OP_COMMAND vs OP_QUERY)

Closed

related to

SERVER-21486 successful authentication does not give full privilege with 3.0 mongos and 3.2 mongod

Closed

SERVER-21535 mongos should ignore actions it doesn't recognize when parsing user privileges at authentication time

Closed

SERVER-21659 bypassDocumentValidation authentication error

Closed

Assignee:: Andreas Nilsson (Inactive)
Reporter:: Spencer Brody (Inactive)
Participants:: Andreas Nilsson, Githook User, Spencer Brody
Votes:: 0 Vote for this issue
Watchers:: 3 Start watching this issue

Created:: Nov 19 2015 05:09:48 PM UTC
Updated:: Jul 19 2016 05:04:13 PM UTC
Resolved:: Jun 27 2016 08:49:09 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates