[SERVER-36606] Remove size limits on BSON audit events Created: 13/Aug/18  Updated: 08/Jan/24  Resolved: 17/Sep/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.6.11, 4.0.7, 4.1.4

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
is depended on by SERVER-38801 Cope with large BSON blobs in queryab... Closed
Duplicate
duplicates SERVER-16364 Audit code should not redact the cont... Closed
Related
related to SERVER-41634 Audit log entry for insertMany only i... Closed
is related to SERVER-36070 Aggregation with $out results in erro... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v4.0, v3.6
Sprint: Security 2018-09-10, Security 2018-09-24
Participants:

 Description   

The user limits on BSONObj sizes shouldn't apply in the audit code paths.



 Comments   
Comment by Githook User [ 15/Feb/19 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Allow construction of large BSON objects

(cherry picked from commit f99914d14b76718f1fef879cfaabe23c0c8f0857)
Branch: v3.6
https://github.com/mongodb/mongo/commit/bbb83fa252895f36db69d69f249af2a98ba20890

Comment by Githook User [ 06/Feb/19 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Allow construction of large BSON objects

(cherry picked from commit f99914d14b76718f1fef879cfaabe23c0c8f0857)
Branch: v4.0
https://github.com/mongodb/mongo/commit/a252526f4363b40d192ae697536795a2b0df1c69

Comment by Andy Schwerin [ 18/Sep/18 ]

I'm a little surprised by this approach. Did I miss a design review of this decision, spencer.jackson , mira.carey@mongodb.com ?

Comment by Githook User [ 17/Sep/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Add large OP_MSG audit integration testing
Branch: master
https://github.com/mongodb/mongo/commit/11892a26868b452a161b143bb93a04d2ac3b6748

Comment by Githook User [ 17/Sep/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Allow commands to expose names of sensitive fields
Branch: master
https://github.com/mongodb/mongo/commit/e78dc4e8cf32da88062090410ab8617f604633c9

Comment by Githook User [ 17/Sep/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Allow construction of large BSON objects
Branch: master
https://github.com/mongodb/mongo/commit/f99914d14b76718f1fef879cfaabe23c0c8f0857

Comment by Githook User [ 17/Sep/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-36606: Allow audit log to contain large BSON objects
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/d8cebd890b94a2502d35428fff78257fe476bae2

Generated at Thu Feb 08 04:43:36 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.