Permission of .dbshell file

[mska...@redhat.com]

Hi,
I would like to discuss a resolution of this bug - https://jira.mongodb.org/browse/SERVER-25335

On most linux distributions .dbshell file is world-readable (everyone can read it). The resolution of mentioned bug is that this permission depends on default umask settings, however other software does not rely only on default umask and behave more securely - for example bash stores its history (.bash_history) with stronger permission than specified by umask...

Why mongoDB does not use the same approach?

Thanks,
Marek

[Asya Kamsky]

Marek,

That ticket has been reopened to discuss possible correct resolutions to it.

It's not unreasonable to want the shell and its history file creation to follow the same pattern that bash and its history file uses, which is _not_ using umask setting but rather setting its permission to be more secure.

Asya

--
You received this message because you are subscribed to the Google Groups "mongodb-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-dev+unsubscribe@googlegroups.com.
To post to this group, send email to mongo...@googlegroups.com.
Visit this group at https://groups.google.com/group/mongodb-dev.
For more options, visit https://groups.google.com/d/optout.

--

Asya Kamsky
Lead Product Manager
MongoDB
Download MongoDB - mongodb.org/downloads
Free MongoDB Monitoring - cloud.mongodb.com
Free Online Education - university.mongodb.com
Get Involved - mongodb.org/community
We're Hiring! - https://www.mongodb.com/careers