-
Type: Task
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
None
-
Server Security
The "scripting" library target provides the functionality needed to evaluate JavaScript in the server and the shell. Some functionality in it is specific to the shell, such as that needed to establish outbound server connections. Though controls exist to prevent servers from invoking this logic, this does result in some portions of networking and authentication code being linked into the library, and included in server-side consumers and artifacts.
We should split the shell specific logic out from the library, and include it into the shell directly.
- is related to
-
SERVER-59135 Make mongocryptd targets in MSIs depend on libsasl2
- Closed