lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl (JIRA) <>
Subject [jira] [Assigned] (SOLR-7890) By default require admin rights to access /security.json in ZK
Date Fri, 21 Aug 2015 13:04:45 GMT


Jan Høydahl reassigned SOLR-7890:

    Assignee: Jan Høydahl

> By default require admin rights to access /security.json in ZK
> --------------------------------------------------------------
>                 Key: SOLR-7890
>                 URL:
>             Project: Solr
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>             Fix For: Trunk
>         Attachments: SOLR-7890.patch
> Perhaps {{VMParamsAllAndReadonlyDigestZkACLProvider}} should by default require admin
access for read/write of {{/security.json}}, and other sensitive paths. Today this is left
to the user to implement.
> Also, perhaps factor out the already-known sensitive paths into a separate class, so
that various {{ACLProvider}} implementations can get a list of paths that should be admin-only,
read-only etc from one central place. Then 3rd party impls pulling ZK creds from elsewhere
will still do the right thing in the future if we introduce other sensitive Znodes...

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message