Completely offline app and no cluster
all i want is to secure the “mongod” command execution (that is when running a mongod instance from the terminal).
i know it is straight forward to enforce authentication from the terminal. but the docs does not mention how to secure the “mongod” command itself. i tried updating the default config file with
security:
authorization: enabled
and it does not work either !!!
If I understand correctly, the goal is to secure the instance so that it cannot be executed by unauthorized users having access to the server. Is this accurate?
Although there are multiple ways to secure a MongoDB instance from external parties using auth and/or TLS, there is no method I’m aware of (from MongoDB’s side) that can prevent anyone having access to the server itself to connect to the database if the database is not secured with authentication. I believe at this point, it becomes a server security issue instead of a database security issue.
Perhaps something like SELinux could be used in this use case?