Type: Bug
Resolution: Unresolved
Priority: Major - P3
Component/s: None
Summary
Originally in SECURITY-334:
See SECURITY-333 for background. The purpose of this ticket is to audit all existing drivers for leakage of sensitive information (passwords, password hashes, etc.). Things to look for:
- Exception messages that inadvertently include passwords or password hashes
- Log messages that inadvertently include passwords or password hashes
Obvious (but not necessarily the only) things to look at would be exceptions raised by or messages logged by uses of the following commands:
- createUser
- updateUser
- authenticate
- getNonce
- saslStart
- copydb
- copydbgetnonce
- copydbsaslstart
The ask is to write tests in each driver that serve as the audit and also a way to catch future regressions.
Motivation
Who is the affected end user?
MongoDB
How does this affect the end user?
Are they blocked? Are they annoyed? Are they confused?
How likely is it that this problem or use case will occur?
Main path? Edge case?
If the problem does occur, what are the consequences and how severe are they?
Minor annoyance at a log message? Performance concern? Outage/unavailability? Failover can't complete?
Is this issue urgent?
Does this ticket have a required timeline? What is it?
Is this ticket required by a downstream team?
Needed by e.g. Atlas, Shell, Compass?
Is this ticket only for tests?
Does this ticket have any functional impact, or is it just test improvements?
Acceptance Criteria
What specific requirements must be met to consider the design phase complete?
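A sketch of the kind of regression test the Summary asks for, added here as an example and not taken from any driver: `run_command`, `redact` and `audit` are hypothetical names, the driver and server are simulated, and the password is a constructed value. It captures both log output and the full chained exception text, since a secret can hide in a wrapped cause even when the outer message is clean.

```python
import io
import logging
import traceback

# Command names from the ticket's list, compared case-insensitively.
SENSITIVE = {"createuser", "updateuser", "authenticate", "getnonce",
             "saslstart", "copydb", "copydbgetnonce", "copydbsaslstart"}
log = logging.getLogger("hypothetical_driver")
log.setLevel(logging.DEBUG)
log.propagate = False

class CommandError(Exception):
    pass

def redact(command):
    """Return a loggable copy; assumes the first key is the command name."""
    name = next(iter(command))
    return {name: "<redacted>"} if name.lower() in SENSITIVE else dict(command)

def run_command(command, safe=True):
    """Hypothetical driver call; the simulated server always rejects it."""
    shown = redact(command) if safe else command
    log.debug("command started: %r", shown)
    try:
        raise ValueError("server rejected %r" % (shown,))
    except ValueError as inner:
        # The outer message is clean, but the cause is still attached.
        raise CommandError("command failed") from inner

def audit(command, secrets, safe=True):
    """Return the secrets found in log output or the chained exception text."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    log.addHandler(handler)
    text = ""
    try:
        run_command(command, safe)
    except CommandError as exc:
        text = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    finally:
        log.removeHandler(handler)
    surface = buf.getvalue() + text
    return sorted(s for s in secrets if s in surface)

# Constructed sample input.
CREATE_USER = {"createUser": "alice", "pwd": "constructed-pw-7f3a"}
SECRETS = ["constructed-pw-7f3a"]
```

In a real driver test, `run_command` would be replaced by the driver's own command path and the secrets list would also include any derived password hash the driver computes.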
- is related to DRIVERS-1677 Easier debugging with standardized logging: logging specification
- Implementing