-
Type: Bug
-
Resolution: Done
-
Priority: Major - P3
-
None
-
Affects Version/s: 2.6.5
-
Component/s: JavaScript, Security
-
Labels:None
-
ALL
-
Hi all !
I'm currently using MongoDB from EPEL7 repos (version 2.6.5) and on RHEL7 (replica set deployment). I've changed the default configuration file to switch to the YAML format and set the "javascriptEnabled" to false, which seems to have no effect.
From mongod logs, I checked that parameter is read :
2015-04-01T15:57:42.800+0200 [initandlisten] options: { command: [ "run" ], config: "/etc/mongodb.conf", net: { bindIp: "10.33.48.29,127.0.0.1", port: 27017 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, replication: { oplogSizeMB: 10240, replSetName: "rs0" }, security: { authorization: "enabled", javascriptEnabled: false, keyFile: "/var/lib/mongodb/mongod-key" }, storage: { dbPath: "/var/lib/mongodb", directoryPerDB: true, journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongodb.log", quiet: true } }
Then, we tried this JS function :
db.client.aggregate({$group: {
_id : '$name',
total : { $sum : 1 }
}
})
and got a result.
- related to
-
DOCS-5210 Unfinished sentence in docs for javascriptEnabled
- Closed