Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-24780

Create audit log entry for setParameter command

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 3.3.11
    • Affects Version/s: 3.2.7
    • Component/s: Security
    • None
    • Fully Compatible
    • Security 17 (07/15/16), Security (08/08/16)
    • 0

      With the inclusion of setParameter support for LDAP authn/z parameters it is now technically possible to swap out the entire user database by switching LDAP server.

      This is a security event that should be audited. I propose we include an audit entry for all calls to setParameter.

            Assignee:
            andreas.nilsson Andreas Nilsson
            Reporter:
            andreas.nilsson Andreas Nilsson
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: