[SERVER-14271] Validate PEM files are not world readable Created: 16/Jun/14 Updated: 10/Dec/14 Resolved: 24/Jul/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Mark Benvenuto | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | neweng | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Operating System: | ALL | ||||||||
| Participants: | |||||||||
| Description |
|
Today, we validate that the security key file is not world readable. We should add similar checks to the PEM key file, and other private secrets. See src/mongo/db/auth/security_key.cpp for an example.
|