[SERVER-79069] command line censoring can't protect servers on Windows Created: 04/Jun/20  Updated: 18/Jul/23

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Minor - P4
Reporter: Billy Donahue Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: triaged
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Windows


Assigned Teams:
Server Security
Operating System: ALL
Participants:

 Description   

The censorArgvArray in 

https://github.com/mongodb/mongo/blob/4ca2f9fe5a11855510d0f69bc863f17c14580a5a/src/mongo/util/cmdline_utils/censor_cmdline.h#L44

censorArgvArray(int argc, char** argv);

is meant to overwrite argv to hide command-line secrets from `ps` or `/proc` traversal.

But on Windows, the argv we give is not the real argvW. It's a copy, so modifying it has no effect.

Windows processes have a special undocumented PEB block that may need to be modified to do the censoring properly.
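
The failure mode described above, modeled portably as an added example (not MongoDB's code and not part of the original ticket): censoring argv in place scrubs the argument area an observer reads, while censoring a copy of it leaves the secret visible. The `--password` option, the sample argument area, and all function names are assumptions made for illustration; the code does not touch `/proc` or the Windows PEB.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical censor: overwrite the value after a sensitive option with 'x',
 * in place and without changing its length. */
static void censor_argv(int argc, char **argv) {
    for (int i = 1; i + 1 < argc; i++)
        if (strcmp(argv[i], "--password") == 0)
            memset(argv[i + 1], 'x', strlen(argv[i + 1]));
}

/* Build argv pointers into a NUL-separated argument area. */
static int point_into(char *area, size_t len, char **argv, int max) {
    int argc = 0;
    for (size_t off = 0; off < len && argc < max; off += strlen(area + off) + 1)
        argv[argc++] = area + off;
    return argc;
}

/* What an outside observer (ps-style tooling) would find in the area. */
static int area_contains(const char *area, size_t len, const char *needle) {
    for (size_t off = 0; off < len; off += strlen(area + off) + 1)
        if (strstr(area + off, needle)) return 1;
    return 0;
}

/* Returns 1 if the secret is still readable after censoring.
 * censor_a_copy == 0: argv points into the observed area (the POSIX case).
 * censor_a_copy == 1: argv points into a private copy (the case the ticket
 *                     describes on Windows). */
int secret_visible(int censor_a_copy) {
    /* Constructed sample; "27017" is split off so "\0" is not read as octal. */
    char area[] = "mongod\0--password\0hunter2\0--port\0" "27017";
    char copy[sizeof area];
    char *argv[8];

    memcpy(copy, area, sizeof area);
    char *target = censor_a_copy ? copy : area;
    int argc = point_into(target, sizeof area, argv, 8);
    censor_argv(argc, argv);
    return area_contains(area, sizeof area, "hunter2");
}

int main(void) {
    printf("censor real argv: secret visible = %d\n", secret_visible(0));
    printf("censor a copy:    secret visible = %d\n", secret_visible(1));
    return 0;
}
```

The same before/after check is how a censoring fix would be verified on a real system: read the command line as an outside observer would, not through the argv the process was handed.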

