lucene-dev mailing list archives

From Jan Høydahl (JIRA) <j...@apache.org>
Subject [jira] [Updated] (SOLR-7889) Secure ZooKeeper should be easy and the default
Date Fri, 07 Aug 2015 07:59:46 GMT

     [ https://issues.apache.org/jira/browse/SOLR-7889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Høydahl updated SOLR-7889:
------------------------------
    Description: 
ZooKeeper security is documented at https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control
but is not trivial to set up, see http://search-lucene.com/m/eHNlqr6EnMrP6O

As we enable more and more security stuff, securing ZK should be easier to do and ideally
the default. This is an umbrella for such improvements.

When all of this is in place and working, perhaps even Solr should refuse to start if Auth/Autz
plugins are in use and ZK communication is not properly protected, e.g. require {{bin/solr
start --insecure}} to override.

  was:
ZooKeeper security is documented at https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control
but is not trivial to set up, see http://search-lucene.com/m/eHNlqr6EnMrP6O

As we enable more and more security stuff, securing ZK should be easier to do and ideally
the default.

The {{DefaultZkACLProvider}} should by default require admin access for all operations including
read of {{/security.json}}, and other sensitive paths. Today this is left to the user to implement.

Move manual env-var instructions from documentation into start scripts, with defaults for
read-only and admin user passwords.

Perhaps even Solr should refuse to start if ZK communication is not ACL protected, encrypted
and if default admin passwd is not changed. Overridable with a new option {{bin/solr start
--insecure}}

Let this JIRA be an umbrella for several child tasks.


> Secure ZooKeeper should be easy and the default
> -----------------------------------------------
>
>                 Key: SOLR-7889
>                 URL: https://issues.apache.org/jira/browse/SOLR-7889
>             Project: Solr
>          Issue Type: Improvement
>          Components: security
>            Reporter: Jan Høydahl
>            Priority: Critical
>              Labels: security, zookeeper
>
> ZooKeeper security is documented at https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control
> but is not trivial to set up, see http://search-lucene.com/m/eHNlqr6EnMrP6O
> As we enable more and more security stuff, securing ZK should be easier to do and ideally
> the default. This is an umbrella for such improvements.
> When all of this is in place and working, perhaps even Solr should refuse to start if
> Auth/Autz plugins are in use and ZK communication is not properly protected, e.g. require
> {{bin/solr start --insecure}} to override.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
