Per SERVER-26101, the auth method is not supported on DBDirectClent. The fix in SERVER-26101 removed it from the JavaScript context, but there may other indirect paths to this function.
The DBDirectClient class should override the auth method, and change it to uassert that it is not supported to be sure.
- is related to
-
SERVER-26101 DBDirectClient isn't safe to auth
- Closed
- related to
-
SERVER-33648 Attempting to perform user- and role-management commands in db.eval() with nolock=false can lead to deadlock
- Closed