[SERVER-28987] Skip wire compression for certain auth and user management commands - MongoDB

XML

Word

Printable

Details

Type: Improvement
Status: Open
Priority: Major - P3
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: features we're not sure of
Component/s: Shell
Labels:
- platforms-re-triaged

Description

When wire protocol compression is enabled, the shell should avoid compressing authentication and user management commands.

This would be in effort to mitigate any risks, although very unlikely such as BEAST and CRIME attacks.

This includes, but may not be limited to:

saslStart
saslContinue
getnonce
authenticate
createUser
updateUser
copydbSaslStart
copydbgetnonce
copydb

Attachments

Activity

People

Assignee:

Backlog - Platform Team

Reporter:

Hannes Magnusson

Participants:

Backlog - Platform Team, Hannes Magnusson

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

Apr 26 2017 07:47:15 PM UTC

Updated:

Feb 26 2018 03:24:53 PM UTC