[
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16001492#comment-16001492
]
Jan Høydahl commented on SOLR-8440:
-----------------------------------
I'm just pointing out that whatever we add to {{solr.in.sh}} will in some way
end up as Java Properties on the command line when Solr is started, and the
"superuser" password may therefore leak out to users logged in with a read-only
password, say, for search only.
Strictly speaking, is there any reason why the {{bin/solr start}} command
should need to pass {{SOLR_AUTHENTICATION_OPTS}} on the command line? Solr will
start without a password, it is only the other CLI commands that need
authentication. So if we instead remove these from the *start* command, there
should be no problem having plain-text password in solr.in.sh. Of course, an
attacker with access to the server could run {{ps}} and reveal the password if
there is a long-running {{bin/solr}} command being run just then.
bq. BTW what are the default file-permissions for the solr.in.sh ? Is it world
readable?
I checked a Solr installed using install_solr_service.sh and found this to be
world readable:
{noformat}
-rw-r--r-- 1 root root 5968 Feb 15 14:55 /etc/default/solr.in.sh
{noformat}
For better security, I guess this should rather have been
{noformat}
-rw-r----- 1 root solr 5968 Feb 15 14:55 /etc/default/solr.in.sh
{noformat}
or perhaps rw for 'solr' user, if the start script needs to modify it.
> Script support for enabling basic auth
> --------------------------------------
>
> Key: SOLR-8440
> URL: https://issues.apache.org/jira/browse/SOLR-8440
> Project: Solr
> Issue Type: New Feature
> Components: scripts and tools
> Reporter: Jan Høydahl
> Assignee: Ishan Chattopadhyaya
> Labels: authentication, security
> Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch,
> SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin
> (SOLR-8429), it would be sweet to provide a super simple way to "Password
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
