[SERVER-38428] Log warning when a non-mongod client connects using a certificate with cluster membership. Created: 05/Dec/18 Updated: 29/Oct/23 Resolved: 01/Feb/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.1.8 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Sara Golemon | Assignee: | Isabella Siu (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Sprint: | Security 2019-01-28, Security 2019-02-11 |
| Participants: |
| Description |
|
Since cluster membership (matching O/OU/DC in RDN) confers elevated privileges to cluster members, we should actively discourage the use of these certificates by any nodes other than actual cluster members (mongod instances). |
| Comments |
| Comment by Githook User [ 01/Feb/19 ] |
|
Author: {'name': 'Isabella Siu', 'email': 'isabella.siu@10gen.com', 'username': 'iwysiu'}Message: |