[SERVER-79336] [Security] Audit v7.0 feature flag Created: 25/Jul/23  Updated: 29/Oct/23  Resolved: 31/Aug/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.0.2

Type: Task Priority: Major - P3
Reporter: Randolph Tan Assignee: Gabriel Marks
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to SERVER-79317 Provide more documentation and helper... Closed
Assigned Teams:
Server Security
Backwards Compatibility: Fully Compatible
Sprint: Security 2023-08-21, Security 2023-09-04
Participants:

 Description   

Intial sync can temporarily reset the fcv value to uninitialized and sets the new value afterwards. This can cause call sites trying to inspect the fcv value to hit this invariant. We need to audit feature flag usage and determine which should do one of the following:

  • It can never be called when initial sync is running. So do nothing. Note that this can be tricky to prove as we once thought the catalog cache loader can never be run while initial sync is happening but it can.
  • It is safe to ignore fcv version so use isEnabledAndIgnoreFCVUnsafe instead
  • It is safe to turn off the feature anytime (even if feature flag is actually on) so use isEnabledUseDefaultFCVWhenUninitialized instead.
  • Special logic is needed if fcv is not initialized

gFeatureFlagConfigurableX509ClusterAuthn
gFeatureFlagAuditConfigClusterParameter
gFeatureFlagFLE2CompactForProtocolV2
gFeatureFlagFLE2Range
gFeatureFlagUserRoles



 Comments   
Comment by Githook User [ 30/Aug/23 ]

Author:

{'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}

Message: SERVER-79336 Audit security feature flags for safe FCV checks
Branch: v7.0
https://github.com/mongodb/mongo/commit/233283cc65cf437f8c6b69e7e25278b6ae347916

Generated at Thu Feb 08 06:40:43 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.