Details
-
New Feature
-
Resolution: Done
-
Major - P3
-
None
-
None
-
None
-
Fully Compatible
-
Platforms 2017-08-21
-
(copied to CRM)
Description
MongoDB currently relies on RBAC, bind IPs, and external firewalls to limit network exposure.
As a further improvement for defense in depth, IP restrictions could be implemented at a user or role level to mitigate the risk of privileged accounts being used from unintended origin IPs.
Attachments
Issue Links
- is related to
-
SERVER-15461 Mechanism to allow restricting auth by incoming interface
-
- Closed
-
- related to
-
SERVER-22085 Bypass authentication when connecting from localhost
-
- Backlog
-