Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-46638

Investigate RWC default implications for FLE in the shell

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: Major - P3
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 5.0 Required
    • Component/s: Security
    • Labels:
      None

      Description

      The EncryptedDBClientBase::getDataKeyFromDisk() and getUUIDByDataKeyAltName() functions use DBClient's findOne(), but without passing a read concern. (The ability to pass RC was recently added on SERVER-45692.) This means that these functions will use the custom default read concern, if the admin has defined one. We need to determine if it's appropriate for these reads to use a custom default RWC, or if they should pass a read concern of ReadConcernArgs::kImplicitDefault to ensure that the read consistency doesn't change in the presence of RWC defaults. We should also check if there are other places where RWC defaults may be inappropriately used by FLE code.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-server-security Backlog - Security Team
              Reporter:
              kevin.pulo Kevin Pulo
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: