Do not use "long distance friendship" to implement Passkey access control

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Unresolved
    • Priority: Minor - P4
    • None
    • Affects Version/s: None
    • Component/s: None
    • Networking & Observability
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      We can sufficiently enforce auditable and reviewable restricted passkey access using comments and naming, without overloading the C++ type system's "friend" feature.

      The resultant designs are simpler and more clear.
      Using friendship restrictions is imprecise and requires a lot more documentation, and forward declarations etc of foreign entities. It should not be done.

      See
      https://github.com/10gen/mongo/pull/55467 (fixed in review)
      https://github.com/10gen/mongo/pull/55632 (needs fix)

      Happy to discuss or collaborate on alternatives.

            Assignee:
            Unassigned
            Reporter:
            Billy Donahue
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: