diff --git a/draft/core/security.txt b/draft/core/security.txt index 9cc37a64a1c..a44a80e18db 100644 --- a/draft/core/security.txt +++ b/draft/core/security.txt @@ -6,7 +6,7 @@ Authentication and Security As with all software running in a networked environment, administrators of MongoDB must consider security and risk -exposures for a MongoDB deployment. There are no magic solution for risk +exposures for a MongoDB deployment. There are no magic solutions for risk mitigation, and maintaining a secure MongoDB deployment is an ongoing process. This document takes a *Defense in Depth* approach to securing MongoDB deployments, and addresses a number of different methods for @@ -80,7 +80,8 @@ By default, listens for connections on the following ports: ``27017`` This is the default port :program:`mongod` and :program:`mongos` - instances. You can change this port with :setting:`port`. + instances. You can change this port with :setting:`port` or + :option:`--port `. ``27018`` This is the default port when running with :option:`--shardsvr @@ -89,7 +90,7 @@ By default, listens for connections on the following ports: ``27019`` This is the default port when running with :option:`--configsvr - ` runtime operation or :setting:`commonsvr` + ` runtime operation or :setting:`configsvr` setting. ``28017`` @@ -278,7 +279,7 @@ authentication system: - When setting up authentication for the first time you must either: - a. add at least one user to the ``admin`` database before starting + #. add at least one user to the ``admin`` database before starting the :program:`mongod` instance with :setting:`auth`. #. add the first user to the ``admin`` database when connected to 
@@ -291,10 +292,10 @@ authentication system: Consider the :doc:`/tutorial/use-authentication-to-control-access-to-mongodb` -document which outlines procedures for configuraing and maintaing +document which outlines procedures for configuring and maintaining users and access with MongoDB's authentication system. -.. [#sharded-localhost] Becasue of :issue:`SERVER-6591`, you cannot +.. [#sharded-localhost] Because of :issue:`SERVER-6591`, you cannot add the first user to a sharded cluster using the ``localhost`` connection in 2.2. If you are running a 2.2 sharded cluster, and want to enable authentication, you must deploy the cluster and add @@ -304,19 +305,19 @@ users and access with MongoDB's authentication system. Interfaces ---------- -Simply limiting access to a :program:`mongod` is not a sufficent for -totally controling risk expsorure. Consider the recomendaitons in the +Simply limiting access to a :program:`mongod` is not a sufficient for +totally controlling risk exposure. Consider the recommendations in the following section, for limiting exposure other interface-related risks. -JavaScript and the Security of the ``mongo`` Sell -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +JavaScript and the Security of the ``mongo`` Shell +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Be aware of the following capabilities and behaviors of the :program:`mongo` shell: - :program:`mongo` will evaluate a ``.js`` file passed to the - :option:`mongo --eval` operation. command. The :program:`mongo` + :option:`mongo --eval` option. The :program:`mongo` shell does not validate the input of JavaScript input to :option:`--eval `. 
@@ -325,10 +326,10 @@ Be aware of the following capabilities and behaviors of the :option:`mongo --norc`` option. On Linux and Unix systems, :program:`mongo` reads the - ``.mongorc.js`` file from ``$HOME/.mongorc.js`` - (i.e. ``~/.mongorc.js``), and Windows :program:`mongo` reads the - ``.mongorc.js`` file from ``%HOME%\.mongorc.js`` or - ``%HOMEDRIVE%\%HOMEPATH%\.mongorc.js``. + :file:`.mongorc.js` file from :file:`{$HOME}/.mongorc.js` + (i.e. :file:`~/.mongorc.js`), and Windows :program:`mongo.exe` reads the + :file:`.mongorc.js` file from :file:`{%HOME%}\.mongorc.js` or + :file:`{%HOMEDRIVE%}\{%HOMEPATH%}\.mongorc.js`. HTTP Status Interface ~~~~~~~~~~~~~~~~~~~~~ @@ -336,14 +337,14 @@ HTTP Status Interface The HTTP status interface provides a web-based interface that includes a variety of operational data, logs, and status reports regarding the :program:`mongod` or :program:`mongos` instance. The HTTP interface is -always avalible on the the port numbered ``1000`` greater than the +always available on the the port numbered ``1000`` greater than the primary :program:`mongod` port. By default this is ``28017``, but is indirectly using the :setting:`port` option which allows you to configure the primary :program:`mongod` port. Without the :setting:`rest` setting, this interface is entirely -read-only, and limited in scope; nevertheless, this iterface may -represent an exposure. To diable the HTTP interface, set the +read-only, and limited in scope; nevertheless, this interface may +represent an exposure. To disable the HTTP interface, set the :setting:`nohttpinterface` run time option or the :option:`--nohttpinterface ` command line option. 
@@ -372,15 +373,15 @@ the REST API interface: Data Encryption --------------- -To support audit requirements, you may need to envrypt data stored in +To support audit requirements, you may need to encrypt data stored in MongoDB. For best results you can encrypt this data in the application -layer, by encrytping the content of fields that hold secure data. +layer, by encrypting the content of fields that hold secure data. Additionally, `10gen`_ has a `partnership`_ with `Gazzang`_ to encrypt -and secure senitive data within MongoDB. The solution encrypts data in +and secure sensitive data within MongoDB. The solution encrypts data in real time and Gazzang provides advanced key management that ensures -only authorized processes and can access this data. THe Gazzang -software ensures that the cryptogrpahic keys rmeain safe and ensures +only authorized processes and can access this data. The Gazzang +software ensures that the cryptographic keys remain safe and ensures compliance with standards including HIPPA, PCI-DSS, and FERPA. For more information consider the following resources: diff --git a/draft/tutorial/use-authentication-to-control-access-to-mongodb.txt b/draft/tutorial/use-authentication-to-control-access-to-mongodb.txt index 244fdb29b56..24d89641a08 100644 --- a/draft/tutorial/use-authentication-to-control-access-to-mongodb.txt +++ b/draft/tutorial/use-authentication-to-control-access-to-mongodb.txt @@ -173,7 +173,7 @@ configuration, i.e. authentication does not apply to users logging into `mongod` on localhost. -.. versionadded:: 2.2 +.. versionchanged:: 2.2 The trust model changed for MongoDB 2.2. If :program:`mongod` is started with the :option:`--auth ` option then @@ -218,7 +218,7 @@ database when running with authentication enabled: * - Localhost - Yes - Yes - * - Locahost + * - Localhost - No - No * - Remote 
@@ -348,9 +348,9 @@ characters from the administrator setting up the cluster. If you run mongod with `-v`, the key will be printed in the log. -The keyfile must be owned and readable by the account running the +The keyFile must be owned and readable by the account running the MongoDB instance. The MongoDB instance will exit with an error if -the keyfile is readable, writeable or executable by any other +the keyFile is readable, writeable or executable by any other account on the system. Currently, permissions are not checked by :program:`mongod.exe` on Windows. \ No newline at end of file
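Review bot: the new ``:option:`--port ``` reference in the ``27017`` hunk of draft/core/security.txt has a space before its closing backtick and no visible target, so it will not resolve; the other option references in this patch carry a target (``:option:`mongo --eval```, ``:option:`--nohttpinterface ``` with its mongod target), so this one needs one too, of the form ``:option:`--port <target>``` where ``<target>`` names the mongod option entry. If the diff extraction merely dropped the angle-bracketed target, ignore this; otherwise Sphinx will emit an unresolved-reference warning for the line.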
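Review bot: the ``commonsvr`` to ``configsvr`` correction in the ``27019`` hunk is right and worth keeping, but the same item still reads ":option:`--configsvr ` runtime operation", which should be "command-line option" to parallel the ``27018`` item and the ":setting:`configsvr` setting" that follows it; "runtime operation" is not a term used elsewhere in the page.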
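Review bot: replacing "a." with "#." in the "When setting up authentication for the first time you must either" list changes how it renders, not just how it looks in source. In reStructuredText the enumerator of the first item sets the sequence type, and "#." on later items continues it, so "a. ... #. ..." renders as "a., b." whereas "#. ... #. ..." renders as "1., 2.". If lettered sub-items nested under the "-" bullet were intended, revert this line; if arabic numbering is wanted, the change is fine and the commit should say so.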
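Review bot: the rewritten first line of the Interfaces hunk still reads "is not a sufficient for totally controlling risk exposure", and the context line after it, "for limiting exposure other interface-related risks", is missing a preposition; suggest "Simply limiting access to a :program:`mongod` is not sufficient for controlling risk exposure. Consider the recommendations in the following section for limiting exposure to other interface-related risks." In the same hunk, "does not validate the input of JavaScript input to" doubles "input", and the bullet conflates two inputs: :option:`mongo --eval` takes a JavaScript expression string, while a ``.js`` file is given to :program:`mongo` as a positional argument. Both are executed without validation, which is the point the bullet should make plainly: anything handed to the shell by either route runs as trusted code.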
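Review bot: the context line ":option:`mongo --norc`` option." directly above the .mongorc.js hunk has a doubled closing backtick, which renders as a stray literal backtick; since this hunk already touches the neighbouring lines, fold the fix into it (":option:`mongo --norc` option."). The :file: role conversion is fine. The paragraph would also benefit from stating the consequence of the startup file it is describing: the shell runs :file:`~/.mongorc.js` (or the Windows equivalents listed) before anything else, so a writable home directory is a way to execute JavaScript in every interactive session of that user, and ``--norc`` is the control for scripted or untrusted environments.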
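Review bot: the rewritten line in the HTTP Status Interface hunk keeps "on the the port numbered", and the surrounding sentence "By default this is ``28017``, but is indirectly using the :setting:`port` option which allows you to configure the primary :program:`mongod` port" is ungrammatical; suggest "The HTTP interface always listens on the port numbered ``1000`` greater than the primary :program:`mongod` port, ``28017`` by default, and is therefore set indirectly by :setting:`port`." The paragraph already says the interface exposes logs and status reports and "may represent an exposure"; it should give the recommendation outright, namely disable it with :setting:`nohttpinterface` in production unless it is needed, rather than leave the reader to infer it.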
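Review bot: the Data Encryption hunk is a typo pass but leaves two in place: "HIPPA" on the unchanged line "compliance with standards including HIPPA, PCI-DSS, and FERPA" should be "HIPAA", and the rewritten "only authorized processes and can access this data" still carries the stray "and". Separately, the first paragraph's advice to "encrypt this data in the application layer, by encrypting the content of fields that hold secure data" should carry its trade-off: fields encrypted before they reach :program:`mongod` cannot be queried, indexed or sorted on their plaintext by the server, so the guidance is to encrypt only the sensitive fields and keep the fields you search on in the clear or tokenised.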
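Review bot: ``.. versionchanged:: 2.2`` is the correct directive for this note in draft/tutorial/use-authentication-to-control-access-to-mongodb.txt, but the context line just above it, "authentication does not apply to users logging into `mongod` on localhost", is stated without qualification and then immediately contradicted by "The trust model changed for MongoDB 2.2. If :program:`mongod` is started with the :option:`--auth` option then ..."; scope the first sentence ("Before 2.2, ...") so the two do not read as conflicting, and use :program:`mongod` there instead of single backticks, as the rest of the page does.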
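Review bot: after the "Locahost" fix in the list-table hunk, the table shows two rows whose first cell is "Localhost", one "Yes / Yes" and one "No / No", and nothing in the visible rows distinguishes them; confirm the rendered table has a column (presumably whether :option:`--auth` is set or whether an admin user already exists) that separates the two cases, otherwise the typo fix turns a mistyped row into an apparently duplicated one.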
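Review bot: in the keyFile hunk, since the word now refers to the option by its exact name, use the role, :setting:`keyFile`, so it cross-references, as the security.txt hunks do with :setting:`auth` and :setting:`port`; "writeable" should also be "writable". More importantly, the unchanged line above, "If you run mongod with `-v`, the key will be printed in the log", is the real security point in this hunk and deserves a ``.. warning::`` stating that verbose logs must then be protected like the key file itself, and "permissions are not checked by :program:`mongod.exe` on Windows" should tell Windows administrators that they have to restrict the file's ACL themselves. The file also ends without a trailing newline ("\ No newline at end of file"); add one.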