[SERVER-31046] Remove sensitive information from logging of parsed options during mongod startup Created: 11/Sep/17 Updated: 30/Oct/23 Resolved: 06/Oct/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | None |
| Fix Version/s: | 3.4.11, 3.6.0-rc0 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Andrey Brindeyev | Assignee: | Andrey Brindeyev |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Backport Requested: |
v3.4
|
||||||||
| Sprint: | Platforms 2017-10-23 | ||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
Right now the security.ldap.bind.queryPassword configuration option and --ldapQueryPassword contents is logged within [initandlisten] options: log line. mongod is suppose to remove such sensitive information from the log file. |
| Comments |
| Comment by Githook User [ 26/Oct/17 ] |
|
Author: {'email': 'andrey.brindeyev@mongodb.com', 'name': 'Andrey Brindeyev'}Message: (cherry picked from commit ea3890b98c6e3eefd056d68a67d39bab697992ad) |
| Comment by Githook User [ 06/Oct/17 ] |
|
Author: {'email': 'andrey.brindeyev@mongodb.com', 'name': 'Andrey Brindeyev'}Message: |