Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-27655

Redact echoed mongo shell URIs

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security, Shell
    • Labels:
      None
    • Security 2019-08-26, Security 2019-09-09

      By default, when you run the shell with a URI, it will echo the URI to the output. This URI will sometimes include passwords. It can be suppressed by running the shell with `--quiet`, but this will also surpress the server's startup warnings. This output could be redacted.

      Example:

      % ./mongo --quiet mongodb://admin:admin@localhost
MongoDB Enterprise > ^C
% ./mongo mongodb://admin:admin@localhost                                                                                                                      
MongoDB shell version v3.5.1-62-g2962b34c53
connecting to: mongodb://admin:admin@localhost
MongoDB server version: 3.5.1-184-g3b5e142701
Server has startup warnings:
2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten]
2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten] ** WARNING: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine
2017-01-12T11:06:36.220-0500 I STORAGE  [initandlisten] **          See http://dochub.mongodb.org/core/prodnotes-filesystem
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten]
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] ** NOTE: This is a development version (3.5.1-184-g3b5e142701) of MongoDB.
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] **       Not recommended for production.
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten]
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2017-01-12T11:06:36.543-0500 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2017-01-12T11:06:36.544-0500 I CONTROL  [initandlisten]
2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten]
2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] ** WARNING: You are running on a NUMA machine.
2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] **          We suggest launching mongod like this to avoid performance problems:
2017-01-12T11:06:36.545-0500 I CONTROL  [initandlisten] **              numactl --interleave=all mongod [other options]
2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten]
2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2017-01-12T11:06:36.546-0500 I CONTROL  [initandlisten]
MongoDB Enterprise >

            Assignee:
            adam.cooper@mongodb.com Adam Cooper (Inactive)
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            1 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: