[SERVER-66662] Block insertion into __safeContent__ Created: 23/May/22 Updated: 29/Oct/23 Resolved: 20/Jun/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Field Level Encryption |
| Affects Version/s: | None |
| Fix Version/s: | 6.0.0-rc11, 6.1.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Mark Benvenuto | Assignee: | Shreyas Kalyan |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | equality-ga, ga-required | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Backport Requested: |
v6.0
|
||||||||||||||||
| Sprint: | Security 2022-05-30, Security 2022-06-13, Security 2022-06-27 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
To prevent users from accidentally corrupted the FLE 2 index structures, the server should block insertion into the _safeContent_ array unless bypassDocumentValidation is enabled or the request is coming from mongos. |
| Comments |
| Comment by Githook User [ 20/Jun/22 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: (cherry picked from commit 00300876a899a40fd6121b8f3abacdd3194daf54) |
| Comment by Githook User [ 20/Jun/22 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: (cherry picked from commit 928e50729b2692a0f7157d7843eeebc053a409c8) |
| Comment by Githook User [ 17/Jun/22 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: |
| Comment by Githook User [ 17/Jun/22 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}Message: |