Empty paths in config file should not be treated as relative path

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Unresolved
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Internal Code
    • Server Security
    • Fully Compatible
    • Service arch 2020-10-05
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Some config options specify the path to a file. Some of these treat an empty value as a relative path, which causes the option value to be the current working directory. This is normally not useful or intentional, and is likely to result in a cryptic error message later when the code attempts to use (what it expects to be) a file. Instead, the empty option value should be detected directly, and a straightforward error message returned.

      For example, if the config file inadvertently contains:

      ...
security:
    keyFile:
...

      Then this can result in the following misleading error message(s):

      $ mongod --config test.conf
2017-11-10T14:16:12.547+1100 I ACCESS   [main] permissions on /home/kev are too open
$ mkdir test
$ cd test
$ chmod 700 .
$ mongod --config ~/test.conf
2017-11-10T14:16:16.846+1100 I ACCESS   [main] error reading file: /home/kev/test

      These error messages are not particularly useful in figuring out that the problem is that security.keyFile is empty.

      The same is true with the command-line options:

      $ mongod --keyFile ""
2017-11-10T14:17:26.763+1100 I ACCESS   [main] permissions on /home/kev are too open
$ cd test
$ mongod --keyFile ""
2017-11-10T14:17:31.047+1100 I ACCESS   [main] error reading file: /home/kev/test

      The problem is that if keyFile has been set, then even if the value is an empty string, it still gets passed to boost::filesystem::absolute:

          if (params.count("security.keyFile")) {
        serverGlobalParams.keyFile =
            boost::filesystem::absolute(params["security.keyFile"].as<string>()).generic_string();
        serverGlobalParams.authState = ServerGlobalParams::AuthState::kEnabled;
    }

      The value needs to be checked, and the user informed directly that an empty value is invalid, eg:

          if (params.count("security.keyFile")) {
        auto keyFile = params["security.keyFile"].as<string>();
        if (keyFile.empty()) {
            return Status(ErrorCodes::BadValue, "--keyFile cannot be empty");
        }
        serverGlobalParams.keyFile = boost::filesystem::absolute(keyFile).generic_string();
        serverGlobalParams.authState = ServerGlobalParams::AuthState::kEnabled;
    }

      Other similarly affected config options:

            Assignee:
            [DO NOT USE] Backlog - Security Team
            Reporter:
            Kevin Pulo
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated: