Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-52537

Mongostat,mongotop and other similar mongo commands are showing password in plain text on linux ps commands

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • Labels:

      Hi Team,

          We are running a few mongo commands using script and during those commands execution the passwords provided in -p option is coming with plain text when checked using ps commands on linux, where ps command is used to list the background processes running on linux systems. If I am not wrong, when mongo commands are checked on ps the -p parameter should sensor the passwords as xxxx. But however in our case it is not working for mongostat,mongotop and few other mongo commands and they are as follows


      $ ps -ef | grep mongostat

      myuser 19499 16437 10 06:10 ? 00:00:00 /usr/bin/mongostat --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -o host,insert,query,update,delete,set,repl -h ......... n 1


      $ ps -ef | grep mongotop


      myuser 7232 7108 1 06:13 ? 00:00:00 /usr/bin/mongotop --quiet -u readonly -p mypassword@123 --authenticationDatabase admin -h host:27720 -n 1

      $ while true; do ps -ef | grep mongo | grep authenticationDatabase | grep -v mongostat | grep -v mongotop;done
      root 19213 19202 0 06:15 ? 00:00:00 /usr/bin/mongo --ipv6 --quiet -u readonly -p mypassword@123 --authenticationDatabase admin --port 27717 --eval rs.status()

      Mongo version used on our environment

      [root@vm01 ~]# mongo --version
      MongoDB shell version v3.6.17
      git version: 3d6953c361213c5bfab23e51ab274ce592edafe6
      OpenSSL version: OpenSSL 1.1.1c FIPS 28 May 2019
      allocator: tcmalloc
      modules: none
      build environment:
      distmod: rhel80
      distarch: x86_64
      target_arch: x86_64


      [root@vm01~]# rpm -qa | grep mongo

      kindly help us in hiding the information on ps commands given the fact mongo already has an option to hide these values


      Thanks and Regards,


      Kindly help us on how to avoid hiding the passowrds in ps given the fact it is already available in mongo

            eric.sedor@mongodb.com Eric Sedor
            rizwiazhar@gmail.com Azhar Yousuf
            0 Vote for this issue
            4 Start watching this issue