3.6 Review Superuser/Admin Roles - userAdminAnyDatabase

Information

Roles provide several advantages that make it easier to manage privileges in a database system. Security administrators can control access to their databases in a way that mirrors the structure of their organizations (they can create roles in the database that map directly to the job functions in their organizations). The assignment of privileges is simplified. Instead of granting the same set of privileges to each individual user in a particular job function, the administrator can grant this set of privileges to a role representing that job function and then grant that role to each user in that job function.

The following roles provide the ability to assign any user any privilege on any database, which means that users with one of these roles can assign themselves any privilege on any database:

dbOwner role, when scoped to the admin database

userAdmin role, when scoped to the admin database

userAdminAnyDatabase role

Rationale:

Reviewing the Superuser/Admin roles within a database helps minimize the possibility of unwanted privileged access.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

To remove a user from one or more roles on the current database, run:

use <dbName>
db.revokeRolesFromUser( '<username>', [ <roles> ])
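The following is an added example, not part of the CIS benchmark or the Nessus audit, that covers both the review step (the three roles listed above) and the remediation step (revokeRolesFromUser). It assumes user documents in the shape returned by db.getUsers() in mongosh (an array of { user, db, roles: [ { role, db } ] }); the sample documents are constructed for the example. It flags only the three role/scope combinations the benchmark names, so dbOwner on a non-admin database is deliberately not reported, and it renders the remediation as db.getSiblingDB(<dbName>).revokeRolesFromUser(...), which is the single-line equivalent of the "use <dbName>" plus revokeRolesFromUser sequence in the Solution.

```javascript
// Added example (not CIS or Tenable code). Reviews MongoDB user documents for the
// superuser-equivalent roles named in the benchmark and builds the revoke command.

// The three role/scope combinations that let a holder grant any privilege on any
// database. db === null means the role is flagged regardless of its scope.
const SUPERUSER_EQUIVALENT_ROLES = [
  { role: "dbOwner", db: "admin" },
  { role: "userAdmin", db: "admin" },
  { role: "userAdminAnyDatabase", db: null },
];

// True if one role assignment ({ role, db }) matches a benchmark-listed combination.
function isSuperuserEquivalent(assignment) {
  return SUPERUSER_EQUIVALENT_ROLES.some(
    (r) => r.role === assignment.role && (r.db === null || r.db === assignment.db)
  );
}

// Walk user documents (shape of db.getUsers().users, assumed) and return one finding
// per user that holds at least one flagged role, listing only the flagged roles.
function findSuperuserEquivalents(userDocs) {
  const findings = [];
  for (const u of userDocs) {
    const flagged = (u.roles || []).filter(isSuperuserEquivalent);
    if (flagged.length > 0) {
      findings.push({ user: u.user, db: u.db, roles: flagged });
    }
  }
  return findings;
}

// Render the remediation from the Solution section for one finding. The user's
// authentication database is used as <dbName>, since revokeRolesFromUser must run there.
function revokeCommand(finding) {
  const roles = finding.roles
    .map((r) => JSON.stringify({ role: r.role, db: r.db }))
    .join(", ");
  return `db.getSiblingDB(${JSON.stringify(finding.db)}).revokeRolesFromUser(${JSON.stringify(finding.user)}, [ ${roles} ])`;
}

// Constructed sample input, standing in for db.getSiblingDB("admin").getUsers().users.
const SAMPLE_USERS = [
  { user: "appsvc", db: "admin", roles: [{ role: "readWrite", db: "inventory" }] },
  { user: "alice", db: "admin", roles: [{ role: "userAdminAnyDatabase", db: "admin" }, { role: "read", db: "reports" }] },
  { user: "bob", db: "admin", roles: [{ role: "dbOwner", db: "admin" }] },
  // dbOwner scoped to a non-admin database is not one of the listed combinations.
  { user: "carol", db: "reports", roles: [{ role: "dbOwner", db: "reports" }] },
];

// Usage: print each finding and the command that would remove the flagged roles.
for (const f of findSuperuserEquivalents(SAMPLE_USERS)) {
  console.log(`${f.user}@${f.db}: ${f.roles.map((r) => `${r.role}@${r.db}`).join(", ")}`);
  console.log("  " + revokeCommand(f));
}
```

In a real review, run the scan against the users of every authentication database (the admin database first), and revoke only after confirming the holder does not need the role; the benchmark asks for a review, not an unconditional removal.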

See Also

https://workbench.cisecurity.org/files/3560