[SERVER-31176] mongo shell should use stderr for password prompt Created: 20/Sep/17 Updated: 08/Jan/24 Resolved: 21/Sep/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Shell |
| Affects Version/s: | None |
| Fix Version/s: | 3.2.18, 3.4.10, 3.6.0-rc0 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Kevin Pulo | Assignee: | Kevin Pulo |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Backwards Compatibility: | Minor Change | ||||
| Backport Requested: |
v3.4, v3.2
|
||||
| Participants: | |||||
| Description |
|
If a plain -p or --password is passed to the mongo shell, it will interactively prompt the user for their password (which is entered without terminal echo). This is well-known to be more secure than providing the password on the command line (which can cause it to accidentally end up in the user's bash history file, or be visible during screen sharing, for example). Currently the shell uses stdout for this "Enter password:" prompt, which causes it to be mixed in with the actual output, and if the output has been redirected, requires users to "blindly" type their password without a prompt. Outputting the prompt to stderr, rather than to stdout, will fix this problem and bring the shell into line with user expectations (based on the common behaviour of other *nix utilities, including the other MongoDB command line tools (ie. mongodump et al, although they require that no -p option is passed)). Currently:
Desired/expected:
|
| Comments |
| Comment by Githook User [ 04/Oct/17 ] |
|
Author: {'email': 'kevin.pulo@mongodb.com', 'name': 'Kevin Pulo', 'username': 'devkev'}Message: (cherry picked from commit 48cdb7d69246339e097bf23ec0e6b9187a3f9221) |
| Comment by Githook User [ 04/Oct/17 ] |
|
Author: {'email': 'kevin.pulo@mongodb.com', 'name': 'Kevin Pulo', 'username': 'devkev'}Message: (cherry picked from commit 48cdb7d69246339e097bf23ec0e6b9187a3f9221) |
| Comment by Githook User [ 21/Sep/17 ] |
|
Author: {'email': 'kevin.pulo@mongodb.com', 'name': 'Kevin Pulo', 'username': 'devkev'}Message: |