Loading...

XML

Word

Printable

JSON

Type: New Feature
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
Platforms 2017-08-21
Case:
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

MongoDB currently relies on RBAC, bind IPs, and external firewalls to limit network exposure.

As a further improvement for defense in depth, IP restrictions could be implemented at a user or role level to mitigate the risk of privileged accounts being used from unintended origin IPs.

is related to

SERVER-15461 Mechanism to allow restricting auth by incoming interface

Closed

related to

SERVER-22085 Bypass authentication when connecting from localhost

Backlog

Assignee:: DO NOT USE - Backlog - Platform Team
Reporter:: Stennie Steneker (Inactive)
Participants:: Andrew Morrow, DO NOT USE - Backlog - Platform Team, Stennie Steneker
Votes:: 3 Vote for this issue
Watchers:: 9 Start watching this issue

Created:: Jan 07 2016 12:37:19 AM UTC
Updated:: Jul 28 2017 01:58:42 PM UTC
Resolved:: Jul 28 2017 01:58:41 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates