[SERVER-12049] Redact password data from profiler/slowms output for user management commands Created: 11/Dec/13 Updated: 11/Jul/16 Resolved: 15/Jan/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging |
| Affects Version/s: | 2.5.4 |
| Fix Version/s: | 2.5.5 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Andreas Nilsson | Assignee: | Andreas Nilsson |
| Resolution: | Done | Votes: | 0 |
| Labels: | 26qa | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Steps To Reproduce: | Reproduce: ) } server log output: ], ordered: true } keyUpdates:0 reslen:40 12ms ], ordered: true } keyUpdates:0 reslen:40 2ms |
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Any command running for longer than the profiling limit slowms will be outputted in its entirety to the log. More specifically If I create the admin DB through a createUser command the user's username and password will be outputted in clear with default profiling since the command runs for longer than 100 ms doing index creation. Lowering the slowms variable will give more frequent command output. |
| Comments |
| Comment by Githook User [ 15/Jan/14 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |