Major - P3 Queryable Backup currently uses readAnyDatabase@admin role + X509 authorization for the user against authed mongods. This is insufficient to read system collections. From the QB point of view, we want to allow the user to be able to read everything including system collections, perhaps with the exception of certain things within the config db when it comes to sharded clusters.
Right now there isn't a "read-everything-and-read-only" built-in role that can achieve this. The backup role is close on the read side, but it also can appendOplogNote and manipulate the balancer, etc.
Custom roles are also difficult to use because we cannot save them in the DB, and I'm not sure if X509 authorization supports crafting arbitrary roles with all the necessary read privileges. And what if Backup has some "fake" system collections and custom roles created by the customer?
- is related to
-
SERVER-27554 Authorization error when using the find() method on the system.views collection
-
- Closed
-