[SERVER-12713]  Redact db.changeUserPassword() from shell command history Created: 13/Feb/14  Updated: 10/Dec/14  Resolved: 18/Feb/14

Status: Closed
Project: Core Server
Component/s: Security, Shell
Affects Version/s: 2.4.9
Fix Version/s: None

Type: Bug
Priority: Trivial - P5
Reporter: Jeffery Schnick
Assignee: Unassigned
Resolution: Duplicate
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-9939 createUser and updateUser commands ar... Closed
Operating System: ALL
Steps To Reproduce:

[root@localhost ~]# mongo admin -u thisguy -p oldpassword --port 27001
MongoDB shell version: 2.4.9
connecting to: 127.0.0.1:27001/admin
testset2:PRIMARY> db.changeUserPassword("thisguy", "newpassword")
testset2:PRIMARY> exit
bye
[root@localhost ~]# mongo admin -u thisguy -p newpassword --port 27001
MongoDB shell version: 2.4.9
connecting to: 127.0.0.1:27001/admin
testset2:PRIMARY> exit
bye

  1. Login as a different user
    [root@localhost ~]# mongo admin -u daddy -p password --port 27001
    MongoDB shell version: 2.4.9
    connecting to: 127.0.0.1:27001/admin
  2. up arrow
    testset2:PRIMARY> db.changeUserPassword("thisguy", "newpassword")

Description:

The db.changeUserPassword() call is in the history. Any user that can connect to the mongo shell can use the up arrow to see the changed password in plain text.

Workaround:
Prehash the password and change it with something like the following:

// hashedoldpassword / hashednewpassword are computed outside the shell
// (MongoDB 2.4 stores pwd as hex(md5("<user>:mongo:<password>"))), so only
// the hashes, never the plaintext password, end up in .dbshell.
var hashedoldpassword = "<hash computed outside the shell>";
var hashednewpassword = "<hash computed outside the shell>";
db.system.users.update(
    { "pwd" : hashedoldpassword },
    { $set : { "pwd" : hashednewpassword } }
)



Comments:
Comment by Daniel Pasette (Inactive) [ 18/Feb/14 ]

fixed in 2.5.1: SERVER-9939

Comment by James Wahlin [ 13/Feb/14 ]

Hi Jeffery,

This is a valid feature request. I do want to point out, though, that the shell will write history to a local file called ".dbshell". If the shell can derive a user directory, it will write this under that directory; if not, it will write to the current directory. If you have a standard user that people log in under, one workaround is to create this file yourself and restrict writing to it for that user. The shell will still launch and be usable, but it will not be able to write history.

Cheers,
James

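The following script is an added example, not part of the ticket or of MongoDB itself. It puts the two workarounds discussed above (the reporter's prehashing and James's locked .dbshell) into shell functions and adds an audit that flags history lines carrying a literal password; it assumes POSIX sh, grep -E and GNU md5sum, and the 2.4 (MONGODB-CR) hash layout hex(md5("<user>:mongo:<password>")).

```sh
#!/bin/sh
# Added example, not part of the ticket: audit a mongo shell ".dbshell"
# history file for calls that carry a plaintext password, and apply the two
# workarounds discussed above. Assumes POSIX sh, grep -E and GNU md5sum.

# Reporter's workaround: hash the password outside the shell so that only
# the hash is ever typed into a mongo session. MongoDB 2.4 (MONGODB-CR)
# stores pwd as hex(md5("<user>:mongo:<password>")).
prehash_password() {
    printf '%s:mongo:%s' "$1" "$2" | md5sum | cut -d' ' -f1
}

# Print history lines that pass two string literals to a credential call,
# e.g. db.changeUserPassword("u", "p"), db.addUser("u", "p"), db.auth("u", "p").
# A call whose password is a variable, e.g. db.auth("u", pw), is not flagged.
find_password_lines() {
    grep -nE '\.(changeUserPassword|addUser|auth)\([^)]*"[^"]*"[[:space:]]*,[[:space:]]*"[^"]*"' "$1"
}

# Number of flagged lines; prints 0 when the file is clean.
count_password_lines() {
    find_password_lines "$1" | wc -l | tr -d ' '
}

# James's workaround: pre-create .dbshell and make it unwritable so the
# shell still starts but cannot persist history. Prints the file's mode
# string so callers can confirm the write bits are gone.
lock_history_file() {
    : > "$1/.dbshell"
    chmod 0400 "$1/.dbshell"
    ls -l "$1/.dbshell" | cut -c2-10
}

# Constructed sample history: the ticket's reproduction plus harmless lines.
demo_home=$(mktemp -d)
cat > "$demo_home/.dbshell" <<'EOF'
show dbs
db.changeUserPassword("thisguy", "newpassword")
db.system.users.find()
db.auth("daddy", "password")
var pw = "x"; db.auth("daddy", pw)
exit
EOF

echo "flagged lines in $demo_home/.dbshell:"
find_password_lines "$demo_home/.dbshell"
```

Run the audit against the real history file (e.g. "$HOME/.dbshell") before locking it; lock_history_file truncates whatever is already there.
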
Generated at Thu Feb 08 03:29:21 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.