Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.6.4, 3.7.3
Affects Version/s: 3.6.2
Component/s: Querying
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v3.6
Sprint:
Query 2018-02-26
Case:
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

When using authentication and log redaction, issuing a find command the query is displayed in the log file if the user is not authorized to run the command:

Using OP_QUERY legacy find

2018-02-13T14:19:54.531-0500 I QUERY    [conn1] assertion Unauthorized: not authorized for query on test.foo ns:test.foo query:{ _id: 123.0 }

Using find command

2018-02-13T14:20:14.811-0500 I ACCESS   [conn2] Unauthorized: not authorized on test to execute command { find: "foo", filter: { _id: 123.0 }, $db: "test" }

is related to

SERVER-34003 passwords are not redacted from unrecognized commands

Closed

related to

SERVER-33857 Missing log redaction due to confusion with Command::redactForLogging()

Closed

Assignee:: David Storch
Reporter:: Ramon Fernandez Marina
Participants:: David Storch, Githook User, Ramon Fernandez Marina
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Feb 13 2018 07:34:09 PM UTC
Updated:: Oct 29 2023 10:34:46 PM UTC
Resolved:: Feb 20 2018 08:12:54 PM UTC
Confidence Status Last Update:: 20/Feb/18 4:59 PM

Details

Description

Using OP_QUERY legacy find

Using find command

Attachments

Issue Links

Forms

Activity

People

Dates