[
https://issues.apache.org/jira/browse/SOLR-8346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16854007#comment-16854007
]
Erick Erickson commented on SOLR-8346:
--------------------------------------
[~anshumg] Given SOLR-13507, I made two changes from the current patch:
1. Explicitly set "zookeeper.4lw.commands.whitelist" to "ruok,mntr,conf" when
running embedded ZK rather than "*".
2. Only do (1) if that sysvar isn't already set so we can get by between
releases if it turns out there's another 4-letter word that we need enabled.
So the code in SolrZkServer now looks like:
{code:java}
if (System.getProperty(ZK_WHITELIST_PROPERTY) == null) {
System.setProperty(ZK_WHITELIST_PROPERTY, "ruok, mntr, conf");
}
{code}
rather than
{code}
System.setProperty(ZK_WHITELIST_PROPERTY, "*");
{code}
> Upgrade Zookeeper to version 3.5.5
> ----------------------------------
>
> Key: SOLR-8346
> URL: https://issues.apache.org/jira/browse/SOLR-8346
> Project: Solr
> Issue Type: Task
> Components: SolrCloud
> Reporter: Jan Høydahl
> Assignee: Erick Erickson
> Priority: Major
> Labels: security, zookeeper
> Attachments: SOLR-8346.patch, SOLR-8346.patch, SOLR-8346.patch,
> SOLR-8346.patch, SOLR_8346.patch
>
>
> Investigate upgrading ZooKeeper to 3.5.x, once released. Primary motivation
> for this is SSL support. --Currently a 3.5.4-beta is released (2018-05-17).--
> Version 3.5.5 was released 2019-05-20
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
