[SERVER-45678] Introduce failing RDNS lookup test for mongokerberos Created: 21/Jan/20  Updated: 24/Jul/23  Resolved: 24/Jul/23

Status: Closed
Project: Core Server
Component/s: Security, Testing Infrastructure
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Adam Cooper (Inactive) Assignee: Backlog - Security Team
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
Assigned Teams:
Server Security
Participants:

 Description   

Currently mongokerberos doesn't test an inability to perform RDNS name canonicalization. We will need to create service principals with FQDNs that cannot be reverse-resolved. This will likely require modification of the user database in ldaptest.10gen.cc's KDC.



 Comments   
Comment by Spencer Jackson [ 17/Mar/21 ]

This was flagged in TSEXP-532, and was on our backlog. I'm going to flag for re-triage so we can think about this one again.

Generated at Thu Feb 08 05:09:26 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.