We're using Rails' String#tableize as a collection name in MongoDB,
and I just realized that it would make:
"module_name/class_names"when I was running `mongodump` to dump MongDB data.
The problem is that `mongodump` would treat that "module_name/"
as a directory name, and it won't try to `mkdir` for it, thus failing with:
assertion: 10262 couldn't open file: errno:2 No such file or directoryBecause it cannot find "module_name" as a directory.
I thought it should lookup for a file called exactly "module_name/class_names"
instead of trying to access it as if it's a path of something.
I know it's my bad to use "/" in a collection name, I just didn't know that,
but either it should reject the name, or properly handle this in `mongodump`.
A simple workaround is that just create the directory for it.
Also, I smelled a potential shell injection here. Though if it's really a
shell injection hole, it's only vulnerable by using a malicious collection
name, and MongoDB might have already forbidden that.