Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-27655

Redact echoed mongo shell URIs

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Duplicate
    • None
    • None
    • Security, Shell
    • None
    • Security 2019-08-26, Security 2019-09-09

    Description

      By default, when you run the shell with a URI, it will echo the URI to the output. This URI will sometimes include passwords. It can be suppressed by running the shell with `--quiet`, but this will also surpress the server's startup warnings. This output could be redacted.

      Example:

      % ./mongo --quiet mongodb://admin:admin@localhost
      		 
      MongoDB Enterprise > ^C
      		 
      % ./mongo mongodb://admin:admin@localhost                                                                                                                      
      MongoDB shell version v3.5.1-62-g2962b34c53
      		 
      connecting to: mongodb://admin:admin@localhost
      		 
      MongoDB server version: 3.5.1-184-g3b5e142701
      		 
      Server has startup warnings:
      		 
      2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten]
      		 
      2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten] ** WARNING: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine
      		 
      2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten] **          See http://dochub.mongodb.org/core/prodnotes-filesystem
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten]
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] ** NOTE: This is a development version (3.5.1-184-g3b5e142701) of MongoDB.
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] **       Not recommended for production.
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten]
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
      		 
      2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
      		 
      2017-01-12T11:06:36.544-0500 I CONTROL  [initandlisten]
      		 
      2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten]
      		 
      2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] ** WARNING: You are running on a NUMA machine.
      		 
      2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] **          We suggest launching mongod like this to avoid performance problems:
      		 
      2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] **              numactl --interleave=all mongod [other options]
      		 
      2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten]
      		 
      2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
      		 
      2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
      		 
      2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten]
      		 
      MongoDB Enterprise >

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. SERVER-35212 URI connection does not default to admin database when no authSource is specified

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              adam.cooper@mongodb.com Adam Cooper (Inactive)
              spencer.jackson@mongodb.com Spencer Jackson
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: