Mongo users and permissions 04/30 Update SLTechnology News&Howtos

Mongo users and permissions

2025-04-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Shulou(Shulou.com)06/01 Report--

When you open the MongoDB service without adding any parameters, there is no permission to verify by default, and the logged-in user can operate on the database at will and can access the database remotely!

When MongoDB is installed, there is an admin database by default (before 3.0,3.0 and later, there is no admin database by default, and you need to create it yourself). At this time, the admin database is empty and does not record permission-related information! When admin.system.users does not have a single user, even if the-auth parameter is added when mongod starts, if no user is added to the admin database, anything can be done without any authentication (regardless of whether it is started with the-- auth parameter or not) until a user is added to the admin.system.users.

It should be noted that admin.system.users will store more user information than those set in other databases and have super permissions, that is, users created in admin can manipulate other database data in mongodb.

Summary:

1) in the mongodb system, the database is created by super users, a database can contain multiple users, a user can only be under one database, and users in different databases can have the same name!

2) when there is no user in admin.system.users, even if the-auth parameter is added when mongod starts, if no user is added in the admin database, any operation can be done without any authentication (regardless of whether it is started with the-- auth parameter or not) until a user is added to the admin.system.users.

3) specific databases, such as the user User1 under DB1, cannot access other database DB2, but can access the data created by other users under this database!

4) users with the same name in different databases cannot log in to other databases! For example, DB1,DB2 has user1. After logging in to DB1 with user1, you cannot log in to DB2 for database operation!

5) users created in the admin database have super privileges to manipulate the data objects of any database in the mongodb system!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.