[SERVER-59568] Shell's EncryptedDBClientBase class breaks encapsulation of the scripting engine Created: 24/Aug/21  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Andrew Morrow (Inactive) Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

Use of JS scripting facilities is intended to be made via the interfaces in src/mongo/scripting, insulating clients from details of the particular scripting engine in use. However, the shell's EncryptedDBClientBase class bypasses this interface and reaches directly down to the MozJS specific scripting implementations. This should be revisited so that the shell is not tied to details of the particular scripting provider.


Generated at Thu Feb 08 05:47:34 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.