[steffan]

Defaults have long been changed to prevent listening on 0.0.0.0 by default; this has been the case since May of 2017, over 4 years ago. In order for this to occur, a user has to explicitly turn on listening on all interfaces.

In conjunction with this, prudence would dictate that you enable authentication as well. In this case, it seems that reliance was placed on Docker to maintain iptables settings to disallow connections from untrusted IPs and that iptables setting was reset.

As always, defense in depth is a good strategy; authentication in addition to firewall rules would have prevented this.

[patrakov]

Defaults don't matter as long as they are overridden in the official Docker image. And because of the way network works in Docker, they can't listen on anything else than 0.0.0.0 in their image.

[haimez]

Thanks for the info, I haven’t payed attention to mongo since the last time I was personally burned by data corruption in the pre-2017 and web-scale (/dev/null db) era. Sounds there’s a mix of blame to go around- but it also sounds like exactly the MongoDB era I remember and hate. They know very well what their dockerhub image install looks like, and if they didn’t like it- they could request a change.

Edit: they/(you || your employer). I know it gets tedious, but calling out your conflicts of interest can save everyone a lot of time.

[steffan]

(Earlier in the thread I mentioned my affiliation - I am not commenting in any official capacity here)

Sorry about your prior experience. I think early versions assumed a systems knowledge that was at odds with the idea that anyone could just start using a database without any prior database knowledge.