Operational Defect Database

BugZero found this defect 2535 days ago.

MongoDB | 365457

[SERVER-28356] Disallow writes to oplog from all builtin roles

Affected products:

MongoDB Server

Affected releases:

No affected releases provided.

Fixed releases:

No fixed releases provided.



A normal user who has write access to the "local" database is currently not disallowed from writing arbitrary data to the oplog. We should discuss more stringent rules about when (if ever) to allow these kinds of arbitrary oplog writes.

Top User Comments

greg.mckeon commented on Fri, 26 Oct 2018 15:25:09 +0000:
spencer.jackson jonathan.reams should this be closed won't fix?

jonathan.reams@10gen.com commented on Fri, 26 Oct 2018 15:00:59 +0000:
We talked about this in sprint planning and decided that we don't actually want to do this. In the past being able to write to the oplog has been useful for support, and we don't want to completely remove that ability. Restricting access to the oplog collection with a builtin role doesn't require any major changes to the auth subsystem, and we can think about doing that, but if a user has been given write access to the oplog collection then we've decided they should be able to write to it.

greg.mckeon commented on Tue, 24 Jul 2018 17:13:50 +0000:
spencer.jackson if you're picking this up, would it be significant extra work to pick up SERVER-29826 as well?

spencer.jackson@10gen.com commented on Thu, 4 May 2017 20:18:41 +0000:
I thought about this and asked around. This seems like a reasonable request.
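An added example (not part of the ticket or of MongoDB's code): an offline check that scans role documents, in the shape returned by `rolesInfo` with `showPrivileges: true`, for privileges that allow document writes to `local.oplog.rs`. The role names and sample data are constructed, and treating a grant on the whole "local" database as covering the oplog is an assumption taken from the ticket's description.

```javascript
// Added example: offline audit of role documents for oplog write privileges.
const WRITE_ACTIONS = new Set(["insert", "update", "remove"]);

// True when a privilege resource reaches local.oplog.rs. Assumption taken from
// the ticket: a grant on the whole "local" database includes the oplog.
// Resources with an empty db string are not evaluated here.
function coversOplog(resource) {
  if (resource.anyResource === true) return true;
  if (resource.db !== "local") return false;
  return resource.collection === "oplog.rs" || resource.collection === "";
}

// roles: array shaped like the "roles" field of a rolesInfo reply.
function oplogWriters(roles) {
  const findings = [];
  for (const role of roles) {
    const privs = [...(role.privileges || []), ...(role.inheritedPrivileges || [])];
    const actions = new Set();
    for (const p of privs) {
      if (!coversOplog(p.resource || {})) continue;
      for (const a of p.actions || []) if (WRITE_ACTIONS.has(a)) actions.add(a);
    }
    if (actions.size > 0) {
      findings.push({ role: `${role.db}.${role.role}`, actions: [...actions].sort() });
    }
  }
  return findings;
}

// Constructed sample input (hypothetical role names, not from the ticket).
const SAMPLE_ROLES = [
  { role: "supportOplogEditor", db: "admin", privileges: [
    { resource: { db: "local", collection: "oplog.rs" }, actions: ["find", "insert", "update"] } ] },
  { role: "localWriter", db: "admin", privileges: [], inheritedPrivileges: [
    { resource: { db: "local", collection: "" }, actions: ["find", "insert", "remove", "update"] } ] },
  { role: "oplogReader", db: "admin", privileges: [
    { resource: { db: "local", collection: "oplog.rs" }, actions: ["find"] } ] },
  { role: "appWriter", db: "app", privileges: [
    { resource: { db: "app", collection: "" }, actions: ["insert", "update", "remove"] } ] },
];

for (const f of oplogWriters(SAMPLE_ROLES)) {
  console.log(`${f.role} can ${f.actions.join(", ")} on local.oplog.rs`);
}
```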
