[SERVER-54964] Require valid clients for all audit events Created: 04/Mar/21 Updated: 29/Oct/23 Resolved: 18/Mar/21 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.9.0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Benjamin Caimano (Inactive) | Assignee: | Benjamin Caimano (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | Security 2021-03-22 | ||||||||
| Participants: | |||||||||
| Description |
|
We take a client pointer to our audit hooks but allow for it to be nullptr. Audit events are related to changes in storage, networking, or other stateful systems, thus we should always have at least a client if not an opCtx. We should invariant that the client exists and fix places where it does not. (Notably, logLogout fails to acquire the current client during client decoration destruction.) |
| Comments |
| Comment by Githook User [ 18/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |
| Comment by Githook User [ 18/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |