Reputation: 4590
MongoDB: How to prevent user from reading data even if he gets hold of database
I am working on Mongodb authorization.
I added users and am using mongod --auth while connecting to the database so that only authorized users are able to see the database.
Right now, mongo db can only be able to access throught vpn. Suppose if a hacker breaks into the server machine, he can close the existing mongod connection(which was running with security using --auth) and can start a new connection without authentication mode after which he can see all the data of the database.
How can we secure database so that everytime it asks for the username/password to be provided. Or some other ways to prevent this.
Thanks.
Upvotes: 1
Views: 342
Answers (1)
Reputation: 416
If he breaks into the server machine, he won't restart mongo. He would simply copy the mongo database and open it on his own machine, without using mongo at all.
If the attacker has the control of a server running process P1, P2, ... each Pi has to be considered breached, including theirs data.
The exception is strong isolation (i.e. virtual machines) and crypto; if the application crypts all its data with a key whose generation is not fully automated (i.e. a passphrase to be inserted on the startup, a challenge/response the administrator needs to pass during the boot, etc ...) this may prevent the attacker from getting all the bits to decrypt it. Otherwise, if the application is able to encrypt and decrypt without any human help, the attacker is able to do it as well.
Those things do not apply to mongo, that does not have support for stuff like that. Good old SQLs have it but they are not trendy any more ;)
On the specific user: are you afraid they will break into as mongodb or as another user? Because if they get the user foo, they still may have problems in accessing mongodb (data or process) if local permissions are well set. But again, people tend to consider the local privilege escalation (i.e. moving from foo to root and then to mongodb) something that happens when someone breaches. In roughly 100 pentests I managed to get access to a machine, probably just once or twice I could not escalate.
Upvotes: 1
Related Questions
- How to protect my mongodb database to be accessed without password?
- Mongo access DB user rights
- Create Read only user in Mongo DB Instance for a particular database
- MongoDb - Give user access to specific database
- How to prevent unauthorized read/writes for (MongoDB) database?
- How to create user with read-write access for specific DB only in MongoDB?
- How can i restrict the user in MongoDB?
- How can i make MongoDB safe from other users?
- MongoDb application security
- Access Control in MongoDB