Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12049

Redact password data from profiler/slowms output for user management commands

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.5.5
    • Affects Version/s: 2.5.4
    • Component/s: Logging
    • Fully Compatible
    • ALL
    • Hide

      Reproduce:
      ./mongo
      > use foo
      > db.setProfilingLevel(0,1) // any command running for longer than 1 ms will be written to the log
      > for (var i=0;i<10000;i++) { db.foo.insert(

      {a:i}

      ) }

      server log output:
      [conn1} command admin.$cmd command: { insert: "foo", documents: [

      { _id: ObjectId('52a8c1099cb6ca0e83ee194e'), a: 249.0 }

      ], ordered: true } keyUpdates:0 reslen:40 12ms
      [conn1] command admin.$cmd command: { insert: "foo", documents: [

      { _id: ObjectId('52a8c10a9cb6ca0e83ee2f1a'), a: 5829.0 }

      ], ordered: true } keyUpdates:0 reslen:40 2ms

      Show
      Reproduce: ./mongo > use foo > db.setProfilingLevel(0,1) // any command running for longer than 1 ms will be written to the log > for (var i=0;i<10000;i++) { db.foo.insert( {a:i} ) } server log output: [conn1} command admin.$cmd command: { insert: "foo", documents: [ { _id: ObjectId('52a8c1099cb6ca0e83ee194e'), a: 249.0 } ], ordered: true } keyUpdates:0 reslen:40 12ms [conn1] command admin.$cmd command: { insert: "foo", documents: [ { _id: ObjectId('52a8c10a9cb6ca0e83ee2f1a'), a: 5829.0 } ], ordered: true } keyUpdates:0 reslen:40 2ms
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      Any command running for longer than the profiling limit slowms will be outputted in its entirety to the log. More specifically If I create the admin DB through a createUser command the user's username and password will be outputted in clear with default profiling since the command runs for longer than 100 ms doing index creation.

      Lowering the slowms variable will give more frequent command output.

            Assignee:
            andreas.nilsson Andreas Nilsson (Inactive)
            Reporter:
            andreas.nilsson Andreas Nilsson (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: