diff options
author | antirez <antirez@gmail.com> | 2014-12-13 08:57:06 +0100 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2014-12-13 09:00:03 +0100 |
commit | 02d465c8fed757053d135d4fb3f412fd7a5d9821 (patch) | |
tree | e065f18a18d98a46361128a3aece1ea4ed5084a6 | |
parent | 4d8f4262a46db9785edf22f84d1f090fe10e6bb4 (diff) | |
download | redis-02d465c8fed757053d135d4fb3f412fd7a5d9821.tar.gz |
Don't log admin commands in MONITOR.
Otherwise there are security risks, especially when providing Redis as a
service, the user may "sniff" for admin commands renamed to an
unguessable string via rename-command in redis.conf.
-rw-r--r-- | src/redis.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/redis.c b/src/redis.c index c35b3fa13..85fcc8e42 100644 --- a/src/redis.c +++ b/src/redis.c @@ -1938,7 +1938,7 @@ void call(redisClient *c, int flags) { * not generated from reading an AOF. */ if (listLength(server.monitors) && !server.loading && - !(c->cmd->flags & REDIS_CMD_SKIP_MONITOR)) + !(c->cmd->flags & (REDIS_CMD_SKIP_MONITOR|REDIS_CMD_ADMIN))) { replicationFeedMonitors(c,server.monitors,c->db->id,c->argv,c->argc); } |