[SERVER-28987] Skip wire compression for certain auth and user management commands Created: 26/Apr/17  Updated: 06/Dec/22

Status: Open
Project: Core Server
Component/s: Shell
Affects Version/s: None
Fix Version/s: features we're not sure of

Type: Improvement Priority: Major - P3
Reporter: Hannes Magnusson Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: platforms-re-triaged
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Sprint: Security 2019-08-12, Security 2019-08-26, Security 2019-09-09
Participants:

 Description   

When wire protocol compression is enabled, the shell should avoid compressing authentication and user management commands.

This would be in effort to mitigate any risks, although very unlikely such as BEAST and CRIME attacks.

This includes, but may not be limited to:

  • saslStart
  • saslContinue
  • getnonce
  • authenticate
  • createUser
  • updateUser
  • copydbSaslStart
  • copydbgetnonce
  • copydb

Generated at Thu Feb 08 04:19:36 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.