-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Server Security
-
Fully Compatible
-
v7.0
-
Security 2023-06-12
AuthorizationContract exists to validate, in test mode, that the API conforms to the contract specified in IDL. These checks are largely disabled in production code but we should go further and disable the accounting in AuthorizationContract also. For instance, there is no need to take the mutex in AuthorizationContract::addAccessCheck if we are never going to verify the contract.