disable mongodb javascript
Bug #1241763 reported by
Kapil Thangavelu
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
Medium
|
Unassigned | ||
juju-core |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
we're not using mongodb server side evaluation of javascript, it would be sensible to disable it to avoid the attack surface area. ie pass --noscripting on the cli or via config.b
Changed in juju-core: | |
importance: | High → Medium |
tags: | added: tech-debt |
Changed in juju: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Probably useful as the javascript interpreter was the first thing to
break during the 1.10 load testing.
On Sat, Oct 19, 2013 at 5:32 AM, Kapil Thangavelu /bugs.launchpad .net/bugs/ 1241763 /bugs.launchpad .net/juju- core/+bug/ 1241763/ +subscriptions
<email address hidden> wrote:
> Public bug reported:
>
> we're not using mongodb server side evaluation of javascript, it would
> be sensible to disable it to avoid the attack surface area. ie pass
> --noscripting on the cli or via config.b
>
> ** Affects: juju-core
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are subscribed to juju-
> core.
> Matching subscriptions: MOAR JUJU SPAM!
> https:/
>
> Title:
> disable mongodb javascript
>
> Status in juju-core:
> New
>
> Bug description:
> we're not using mongodb server side evaluation of javascript, it would
> be sensible to disable it to avoid the attack surface area. ie pass
> --noscripting on the cli or via config.b
>
> To manage notifications about this bug go to:
> https:/