Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Critical - P2
Fix Version/s: 2.5.0
Affects Version/s: None
Component/s: Security
Labels:
None

Confidence Status:
None
Work Order:
0

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

A significant hurdle to getting certain software accredited is removing all cleartext passwords from persistent storage on systems. As such, using a mongod startup script that included "--sslPEMKeyPassword <yourpassword>" would be a violation. The most straightforward solution to get around this would probably be allowing for interactive password entry whenever it isn't specified in SSL mode.

related to

SERVER-8727 Speculative - possible to recover certificate password with gdb?

Closed

Assignee:: Eric Milkie
Reporter:: Barrie Segal (Inactive)
Participants:: auto, Barrie Segal, Eric Milkie, Jeff Segal
Votes:: 1 Vote for this issue
Watchers:: 8 Start watching this issue

Created:: Jan 14 2013 09:48:54 PM UTC
Updated:: Apr 07 2014 10:15:23 PM UTC
Resolved:: Apr 12 2013 06:52:38 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates