[CDRIVER-4000] Add test for security-sensitive command monitoring event redaction Created: 17/May/21 Updated: 28/Oct/23 Resolved: 05/Jul/21 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.18.0 |
| Type: | Improvement | Priority: | Critical - P2 |
| Reporter: | Backlog - Core Eng Program Management Team | Assignee: | Andreas Braun |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Quarter: | FY22Q2 | ||||||||||||||||||||||||
| Description |
|
DRIVERS Ticket Description
Script Target - If you can read this text, the script has failed
|
| Comments |
| Comment by Githook User [ 06/Jul/21 ] |
|
Author: {'name': 'Kevin Albertson', 'email': 'kevin.albertson@mongodb.com', 'username': 'kevinAlbs'}Message: Fix backport of |
| Comment by Githook User [ 05/Jul/21 ] |
|
Author: {'name': 'Andreas Braun', 'email': 'alcaeus@users.noreply.github.com', 'username': 'alcaeus'}Message:
This brings the spec tests up to date with mongodb/specifications#84ac002b
This adds support for the "observeSensitiveCommands" monitoring option, as well as the new "auth" runOnRequirement.
Previously, the driver would not redact the reply to a hello command with speculative authentication unless the reply also was sensitive. As this makes the test completely useless, we've decided to always require redaction of replies when the command was redacted.
|
| Comment by Githook User [ 05/Jul/21 ] |
|
Author: {'name': 'Andreas Braun', 'email': 'alcaeus@users.noreply.github.com', 'username': 'alcaeus'}Message:
This brings the spec tests up to date with mongodb/specifications#84ac002b
This adds support for the "observeSensitiveCommands" monitoring option, as well as the new "auth" runOnRequirement.
Previously, the driver would not redact the reply to a hello command with speculative authentication unless the reply also was sensitive. As this makes the test completely useless, we've decided to always require redaction of replies when the command was redacted.
|
| Comment by Andreas Braun [ 02/Jul/21 ] |