[SERVER-28987] Skip wire compression for certain auth and user management commands - MongoDB

XML

Word

Printable

Details

Type: Improvement
Status: Open
Priority: Major - P3
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: features we're not sure of
Component/s: Shell
Labels:
- platforms-re-triaged

Sprint:
Security 2019-08-12, Security 2019-08-26, Security 2019-09-09

Description

When wire protocol compression is enabled, the shell should avoid compressing authentication and user management commands.

This would be in effort to mitigate any risks, although very unlikely such as BEAST and CRIME attacks.

This includes, but may not be limited to:

saslStart
saslContinue
getnonce
authenticate
createUser
updateUser
copydbSaslStart
copydbgetnonce
copydb

Attachments

Activity

People

Assignee:

Backlog - Security Team

Reporter:

Hannes Magnusson

Participants:

Backlog - Security Team, Hannes Magnusson

Votes:

0 Vote for this issue

Watchers:

8 Start watching this issue

Dates

Created:

Apr 26 2017 07:47:15 PM UTC

Updated:

Sep 20 2019 04:55:03 PM UTC