mirror of
https://github.com/mongodb/mongo.git
synced 2024-11-30 00:56:44 +01:00
35 lines
1.3 KiB
JavaScript
35 lines
1.3 KiB
JavaScript
// Test config file expansion using EXEC when permissions are too loose.
|
|
// Ideally, we'd also check for foreign ownership here,
|
|
// but that's impractical in a test suite where we're not running as root.
|
|
|
|
(function() {
|
|
'use strict';
|
|
|
|
if (_isWindows()) {
|
|
print("Skipping test on windows");
|
|
return;
|
|
}
|
|
|
|
load('jstests/noPassthrough/libs/configExpand/lib.js');
|
|
|
|
const sicReflect = {
|
|
setParameter: {scramIterationCount: {__exec: makeReflectionCmd('12345')}}
|
|
};
|
|
|
|
// Positive test just to be sure this works in a basic case before testing negatives.
|
|
configExpandSuccess(sicReflect, null, {configExpand: 'exec', chmod: 0o600});
|
|
|
|
// Still successful if readable by others, but not writable.
|
|
configExpandSuccess(sicReflect, null, {configExpand: 'exec', chmod: 0o644});
|
|
|
|
// Fail if writable by others.
|
|
const expect = /is writable by non-owner users/;
|
|
configExpandFailure(sicReflect, expect, {configExpand: 'exec', chmod: 0o666});
|
|
configExpandFailure(sicReflect, expect, {configExpand: 'exec', chmod: 0o622});
|
|
configExpandFailure(sicReflect, expect, {configExpand: 'exec', chmod: 0o660});
|
|
configExpandFailure(sicReflect, expect, {configExpand: 'exec', chmod: 0o606});
|
|
|
|
// Explicitly world-readable/writable config file without expansions should be fine.
|
|
configExpandSuccess({}, null, {configExpand: 'none', chmod: 0o666});
|
|
})();
|