[SERVER-46638] Investigate RWC default implications for FLE in the shell Created: 05/Mar/20  Updated: 29/Oct/23  Resolved: 03/Jun/21

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 5.0.0-rc2, 5.1.0-rc0

Type: Task Priority: Major - P3
Reporter: Kevin Pulo Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: post-rc0
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
related to SERVER-45692 Ensure all internal inter-node comman... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v5.0
Sprint: Security 2021-05-03, Security 2021-05-17, Security 2021-05-31, Security 2021-06-14
Participants:

 Description   

The EncryptedDBClientBase::getDataKeyFromDisk() and getUUIDByDataKeyAltName() functions use DBClient's findOne(), but without passing a read concern. (The ability to pass RC was recently added on SERVER-45692.) This means that these functions will use the custom default read concern, if the admin has defined one. We need to determine if it's appropriate for these reads to use a custom default RWC, or if they should pass a read concern of ReadConcernArgs::kImplicitDefault to ensure that the read consistency doesn't change in the presence of RWC defaults. We should also check if there are other places where RWC defaults may be inappropriately used by FLE code.



 Comments   
Comment by Vivian Ge (Inactive) [ 06/Oct/21 ]

Updating the fixversion since branching activities occurred yesterday. This ticket will be in rc0 when it’s been triggered. For more active release information, please keep an eye on #server-release. Thank you!

Comment by Githook User [ 15/Jun/21 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-46638 Investigate RWC default implications for FLE in the shell

(cherry picked from commit c63c85e2a0535ead596dd06fac71aa97976a3b76)
Branch: v5.0
https://github.com/mongodb/mongo/commit/127036e004966e88807034eb1fe4f690f23b0e01

Comment by Githook User [ 15/Jun/21 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-46638 Investigate RWC default implications for FLE in the shell
Branch: v5.0
https://github.com/10gen/mongo-enterprise-modules/commit/f84760a663691378e34ef86412e752f120d8536a

Comment by Githook User [ 03/Jun/21 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-46638 Investigate RWC default implications for FLE in the shell
Branch: master
https://github.com/mongodb/mongo/commit/c63c85e2a0535ead596dd06fac71aa97976a3b76

Comment by Githook User [ 03/Jun/21 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-46638 Investigate RWC default implications for FLE in the shell
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/077f1bf917a15f9e2a96af6afcbb1e6cde8c86f8

Generated at Thu Feb 08 05:12:01 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.