[SERVER-12036] db.createUser not filtered from ctrl+r history search Created: 11/Dec/13 Updated: 13/Jan/14 Resolved: 06/Jan/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.5.4 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | John Morales | Assignee: | Andreas Nilsson |
| Resolution: | Cannot Reproduce | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
OS X 10.8.4 |
||
| Operating System: | ALL |
| Steps To Reproduce: | 1.) Start up 2.5.4 with a --keyFile /path/to/key.file ]}) |
| Participants: |
| Description |
|
While testing the clusterMonitor permission, I noticed the mongo shell was not filtering out my prior db.createUser(...) command.
|
| Comments |
| Comment by John Morales [ 06/Jan/14 ] |
|
Drat, my mistake. I searched back through my console history, and what happened is I had incorrectly shell'ed into my 2.5.4 mongod using an older 2.4.8 mongo shell that was currently on my $PATH. And because it was 2.4.8, db.createUser wasn't filtered from my history (and of course the command failed, which I forgot about). Later on when I shelled into 2.5.4 server using the actual 2.5.4 mongo shell and performed another db.createUser(), the command appeared in my history search, leading me to believe it wasn't filtered. |