[
https://issues.apache.org/jira/browse/SOLR-7125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14327991#comment-14327991
]
Mark Miller commented on SOLR-7125:
-----------------------------------
bq. I was trying to think of a way other than ZK security to have a default
config that would disable this functionality, but I don't think there's any way
to do it that would still allow zkcli to work.
I think you have two options for real security at this point:
* Lock down access to ZK service, people that have access to ZK may be able to
exploit Solr. Standard situation.
* Allow various clients to access ZK service and use ZK auth controls, most
can't update ZK config, only those that can (if any) may be able to exploit
Solr.
bq. If we don't already have a full section in the ref guide about security,
perhaps we need one.
I think we do need one - we have crept further and further into it, and now we
are pretty deep.
> Allow clients to upload/download configs via CloudSolrClient
> ------------------------------------------------------------
>
> Key: SOLR-7125
> URL: https://issues.apache.org/jira/browse/SOLR-7125
> Project: Solr
> Issue Type: Improvement
> Reporter: Alan Woodward
> Assignee: Alan Woodward
> Priority: Minor
> Fix For: 5.1
>
> Attachments: SOLR-7125.patch, SOLR-7125.patch
>
>
> Adding new configs to ZK is still something of a pain point. We should add
> some helper methods to CloudSolrClient that make this easier.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
