Adding OSSN-0066
MongoDB guest instance allows any user to connect Change-Id: I40b6aa68436b58e11099617abf61b9b64be71eef Closes-Bug: #1507841
This commit is contained in:
parent
3b28201476
commit
5743c87dc7
49
security-notes/OSSN-0066
Normal file
49
security-notes/OSSN-0066
Normal file
@ -0,0 +1,49 @@
|
||||
MongoDB guest instance allows any user to connect
|
||||
---
|
||||
|
||||
### Summary ###
|
||||
When creating a new MongoDB single instance or cluster the default setting in
|
||||
MongoDB `security.authorization` was set as disabled. This resulted in no need
|
||||
to provide user credentials to connect to the mongo instance and perform read /
|
||||
write operations from any network that is attached on instance create.
|
||||
|
||||
### Affected Services / Software ###
|
||||
Trove, Liberty
|
||||
|
||||
### Discussion ###
|
||||
MongoDB contains a security config set within `mongo.conf` as follows:
|
||||
|
||||
security:
|
||||
authorization: "enabled"
|
||||
|
||||
When creating a new MongoDB instance, or cluster within Trove the `security`
|
||||
value was not populated resulting in MongoDB adopting the default value of
|
||||
`disabled`. With security authorization disabled there would be no enforcement
|
||||
of user authentification, allowing users to connect and perform read/write data
|
||||
operations from any network that is attached on instance create.
|
||||
|
||||
A fix was implemented within Mitaka and back ported to Liberty that addresses
|
||||
the problem by enabling authorization by default on single instances. This can
|
||||
be toggled via configuration groups.
|
||||
|
||||
Cluster security is determined by the Trove config variable
|
||||
`mongodb.cluster_secure`. This cannot be toggled once the cluster is created.
|
||||
|
||||
### Recommended Actions ###
|
||||
Single instances are now use role based access control (RBAC) by default. To
|
||||
disable RBAC, the Trove user can attach a security group with
|
||||
`security.authorization` set to `disabled`. It can be re-enabled by detaching
|
||||
the security group or changing the value to `enabled`.
|
||||
|
||||
The Trove config variable `mongodb.cluster_secure`
|
||||
(boolean type, in `trove.conf`) determines the RBAC state of MongoDB clusters
|
||||
that are created. Setting this to true enables RBAC while false disables it.
|
||||
This applies to all MongoDB clusters, and requires a restart of the trove-api
|
||||
service to change, and cannot be toggled on running clusters.
|
||||
|
||||
### Contacts / References ###
|
||||
Author: Luke Hinds, Red Hat
|
||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0066
|
||||
Original LaunchPad Bug : https://bugs.launchpad.net/trove/+bug/1507841
|
||||
Mailing List : [Security] tag on openstack-dev@lists.openstack.org
|
||||
OpenStack Security Group : https://launchpad.net/~openstack-ossg
|
Loading…
Reference in New Issue
Block a user