lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Miller (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SOLR-7125) Allow clients to upload/download configs via CloudSolrClient
Date Wed, 18 Feb 2015 21:01:11 GMT

    [ https://issues.apache.org/jira/browse/SOLR-7125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14326553#comment-14326553
] 

Mark Miller commented on SOLR-7125:
-----------------------------------

bq. This is only on CloudSolrClient, not over HTTP.

But CloudSolrClient does go over http doesnt it?

bq. If a black hat has access to your zookeeper there's not a lot we can do to help you 

We have security controls for zookeeper now - you can have a CloudSolrClient, you can have
limited Zk perms for a Solr space (read only even for CloudSolrClient). That's all fine. We
can't allow a guy in that situation to be able to root the Solr instance machine from another
machine. That is a large security hole.

> Allow clients to upload/download configs via CloudSolrClient
> ------------------------------------------------------------
>
>                 Key: SOLR-7125
>                 URL: https://issues.apache.org/jira/browse/SOLR-7125
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Alan Woodward
>            Assignee: Alan Woodward
>            Priority: Minor
>             Fix For: 5.1
>
>         Attachments: SOLR-7125.patch
>
>
> Adding new configs to ZK is still something of a pain point.  We should add some helper
methods to CloudSolrClient that make this easier.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message