[SERVER-14272] Validate security key and PEM files has good security permissions on Windows Created: 16/Jun/14 Updated: 23/Jul/19 Resolved: 23/Jul/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.7.2 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Mark Benvenuto | Assignee: | Mark Benvenuto |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | neweng, platforms-re-triaged | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Operating System: | Windows | ||||||||
| Sprint: | Security 2019-07-29 | ||||||||
| Participants: | |||||||||
| Description |
|
See src/mongo/db/auth/security_key.cpp for ifndef _WIN32 code that validates security permissions no security key. We should add similar code for Windows.
|
| Comments |
| Comment by Mark Benvenuto [ 23/Jul/19 ] |
|
Evaluating the quality of actual Windows ACLs is difficult. Why it is possible to undo the define outlined in the description, checking the quality of an ACL depends on understanding the ACEs that make up it and group memberships which is difficult to navigate. |