[SERVER-9476] Don't log entire command obj for authenticate Created: 25/Apr/13  Updated: 11/Jul/16  Resolved: 14/Nov/13

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.4.3
Fix Version/s: 2.5.4

Type: Bug Priority: Major - P3
Reporter: Randolph Tan Assignee: Andy Schwerin
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Participants:

 Description   

Example log line:

Thu Apr 25 16:35:30.246 [conn1]  authenticate db: test { authenticate: 1, nonce: "ce88504553b16752", user: "z", key: "6deb79af26ebcdd2b2c40438008cb7b0" }

The log entry has more than enough information for any malicious entity to impersonate a user. And even worse, the log will also display an error if authentication fails, so it is easy to tell which users are valid just by examining the logs.
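The redaction the issue asks for, written out as an added example (not the issue's or MongoDB's own code): an authenticate command document has its `nonce` and `key` masked before it is formatted into the log line, while `user` and the database name survive so the line still says who authenticated. The field names come from the log line above; the `xxx` mask, the function names and the second sample log line are this example's assumptions. The example also includes a small scanner for logs written by a server without the fix, which reports lines that still carry an unmasked nonce or key.

```python
import json
import re

# Fields of the authenticate command that must not reach the log (named in the
# issue). Which fields count as sensitive is this example's choice.
SENSITIVE_FIELDS = frozenset({"nonce", "key"})
MASK = "xxx"  # assumed mask value


def redact_authenticate(cmd: dict) -> dict:
    """Return a copy of the command with nonce and key masked.

    Commands that are not 'authenticate' pass through unchanged; for an
    authenticate command, user is kept so the line still identifies who
    logged in, but the challenge (nonce) and response (key) are replaced.
    """
    if not cmd.get("authenticate"):
        return dict(cmd)
    return {k: (MASK if k in SENSITIVE_FIELDS else v) for k, v in cmd.items()}


def format_log_line(ts: str, conn: str, db: str, cmd: dict) -> str:
    """Format the line in the shape shown in the issue, from a redacted command."""
    safe = redact_authenticate(cmd)
    body = ", ".join(f"{k}: {json.dumps(v)}" for k, v in safe.items())
    return f"{ts} [{conn}]  authenticate db: {db} {{ {body} }}"


# Parsing of lines in the format shown in the issue (assumed stable enough
# for an audit; not a grammar of mongod's log format in general).
AUTH_LINE = re.compile(r"authenticate db: (?P<db>\S+) \{ (?P<body>.*) \}\s*$")
FIELD = re.compile(r'(?P<k>\w+): (?P<v>"[^"]*"|[^,\s]+)')


def parse_authenticate_line(line: str):
    """Return (db, command dict) for an authenticate log line, else None."""
    m = AUTH_LINE.search(line)
    if not m:
        return None
    cmd = {}
    for f in FIELD.finditer(m.group("body")):
        v = f.group("v")
        cmd[f.group("k")] = v[1:-1] if v.startswith('"') else v
    return m.group("db"), cmd


def leaked_fields(line: str) -> list:
    """Sensitive field names present unmasked in the line (empty if clean)."""
    parsed = parse_authenticate_line(line)
    if parsed is None:
        return []
    _, cmd = parsed
    return sorted(k for k in SENSITIVE_FIELDS if k in cmd and cmd[k] != MASK)


def audit_log(text: str) -> list:
    """(line number, leaked field names) for every line that leaks secrets."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        leaked = leaked_fields(line)
        if leaked:
            findings.append((n, leaked))
    return findings


# Constructed sample: the line quoted in the issue, plus an unrelated line.
SAMPLE_LOG = """\
Thu Apr 25 16:35:30.246 [conn1]  authenticate db: test { authenticate: 1, nonce: "ce88504553b16752", user: "z", key: "6deb79af26ebcdd2b2c40438008cb7b0" }
Thu Apr 25 16:35:31.001 [conn1]  end connection 127.0.0.1:50123
"""

if __name__ == "__main__":
    for n, fields in audit_log(SAMPLE_LOG):
        print(f"line {n}: unredacted {', '.join(fields)}")
    cmd = {"authenticate": 1, "nonce": "ce88504553b16752",
           "user": "z", "key": "6deb79af26ebcdd2b2c40438008cb7b0"}
    print(format_log_line("Thu Apr 25 16:35:30.246", "conn1", "test", cmd))
```

Run as a script, the audit flags line 1 of the sample for its unmasked `key` and `nonce`, and the formatted line comes out with both replaced by `xxx`. Note that masking only addresses the first concern in the description; whether a failed authentication error lets a reader tell valid users from invalid ones is a separate question that this example does not touch.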



 Comments   
Comment by Githook User [ 14/Nov/13 ]

Author: Andy Schwerin (andy10gen) <schwerin@10gen.com>

Message: SERVER-9476 Redact some potentially sensitive information when logging authentications.
Branch: master
https://github.com/mongodb/mongo/commit/f85ceb17b37210eef71e8113162c41368bfd5c12

Comment by Randolph Tan [ 25/Apr/13 ]

Doesn't look as bad as I thought. But I think the key and nonce should probably not be displayed.

Generated at Thu Feb 08 03:20:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.