Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 2.6.5
Component/s: JavaScript, Security
Labels:
None

Operating System:
ALL
Steps To Reproduce:

Hide

Set javascriptEnabled to false, restart all servers in replica set, and try to execute a JS job.

Show
Set javascriptEnabled to false, restart all servers in replica set, and try to execute a JS job.
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Hi all !

I'm currently using MongoDB from EPEL7 repos (version 2.6.5) and on RHEL7 (replica set deployment). I've changed the default configuration file to switch to the YAML format and set the "javascriptEnabled" to false, which seems to have no effect.

From mongod logs, I checked that parameter is read :

2015-04-01T15:57:42.800+0200 [initandlisten] options: { command: [ "run" ], config: "/etc/mongodb.conf", net: { bindIp: "10.33.48.29,127.0.0.1", port: 27017 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, replication: { oplogSizeMB: 10240, replSetName: "rs0" }, security: { authorization: "enabled", javascriptEnabled: false, keyFile: "/var/lib/mongodb/mongod-key" }, storage: { dbPath: "/var/lib/mongodb", directoryPerDB: true, journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongodb.log", quiet: true } }

Then, we tried this JS function :

db.client.aggregate({$group: {
    _id : '$name',
    total : { $sum : 1 }
   }
 })

and got a result.

Assignee:: Unassigned
Reporter:: Salim B.
Participants:: Ramon Fernandez Marina, Salim B.
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Apr 14 2015 03:20:41 PM UTC
Updated:: Apr 15 2015 05:22:50 PM UTC
Resolved:: Apr 14 2015 03:48:42 PM UTC

Details

Description

Attachments

Activity

People

Dates