lucene-dev mailing list archives

From Jan Høydahl (JIRA) <>
Subject [jira] [Updated] (SOLR-7890) By default require admin rights to access /security.json in ZK
Date Tue, 04 Sep 2018 08:21:00 GMT


Jan Høydahl updated SOLR-7890:
    Fix Version/s:     (was: 6.0)

> By default require admin rights to access /security.json in ZK
> --------------------------------------------------------------
>                 Key: SOLR-7890
>                 URL:
>             Project: Solr
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>            Priority: Major
>         Attachments: SOLR-7890.patch
> Perhaps {{VMParamsAllAndReadonlyDigestZkACLProvider}} should by default require admin access for read/write of {{/security.json}}, and other sensitive paths. Today this is left to the user to implement.
> Also, perhaps factor out the already-known sensitive paths into a separate class, so that various {{ACLProvider}} implementations can get a list of paths that should be admin-only, read-only etc from one central place. Then 3rd party impls pulling ZK creds from elsewhere will still do the right thing in the future if we introduce other sensitive Znodes...
