Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12049

Redact password data from profiler/slowms output for user management commands

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Done
    • 2.5.4
    • 2.5.5
    • Logging
    • Fully Compatible
    • ALL
    • Hide

      Reproduce:
      ./mongo
      > use foo
      > db.setProfilingLevel(0,1) // any command running for longer than 1 ms will be written to the log
      > for (var i=0;i<10000;i++) { db.foo.insert(

      {a:i}

      ) }

      server log output:
      [conn1} command admin.$cmd command: { insert: "foo", documents: [

      { _id: ObjectId('52a8c1099cb6ca0e83ee194e'), a: 249.0 }

      ], ordered: true } keyUpdates:0 reslen:40 12ms
      [conn1] command admin.$cmd command: { insert: "foo", documents: [

      { _id: ObjectId('52a8c10a9cb6ca0e83ee2f1a'), a: 5829.0 }

      ], ordered: true } keyUpdates:0 reslen:40 2ms

      Show
      Reproduce: ./mongo > use foo > db.setProfilingLevel(0,1) // any command running for longer than 1 ms will be written to the log > for (var i=0;i<10000;i++) { db.foo.insert( {a:i} ) } server log output: [conn1} command admin.$cmd command: { insert: "foo", documents: [ { _id: ObjectId('52a8c1099cb6ca0e83ee194e'), a: 249.0 } ], ordered: true } keyUpdates:0 reslen:40 12ms [conn1] command admin.$cmd command: { insert: "foo", documents: [ { _id: ObjectId('52a8c10a9cb6ca0e83ee2f1a'), a: 5829.0 } ], ordered: true } keyUpdates:0 reslen:40 2ms

    Description

      Any command running for longer than the profiling limit slowms will be outputted in its entirety to the log. More specifically If I create the admin DB through a createUser command the user's username and password will be outputted in clear with default profiling since the command runs for longer than 100 ms doing index creation.

      Lowering the slowms variable will give more frequent command output.

      Attachments

        Issue Links

          Activity

            People

              andreas.nilsson Andreas Nilsson
              andreas.nilsson Andreas Nilsson
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: