Also, some people might want the config API to be enabled in Prod.  I wonder if 
there was a way to make it simple for folks to easily “do the right thing”, but 
not otherwise decide for them which APIs are available or not?


> On Mar 27, 2020, at 12:22 PM, Jan Høydahl (Jira) <j...@apache.org> wrote:
> 
> 
>    [ 
> https://issues.apache.org/jira/browse/SOLR-14049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17068844#comment-17068844
>  ] 
> 
> Jan Høydahl commented on SOLR-14049:
> ------------------------------------
> 
> We already have the option {{-Dsolr.environment=prod|test|dev}} which will 
> add a red/yellow/green color to the Admin UI to alert you of what env you 
> are in. See 
> https://lucene.apache.org/solr/guide/8_5/taking-solr-to-production.html#environment-banner-in-admin-ui
> 
> So if we extended that, using it as a "mode" flag, we could issue a fat 
> warning in the log or even disable config API for "prod".
> Problem is, how to enforce that people need to set that flag in order to use 
> in production?
> One way could be to only allow localhost network interface in dev mode, or to 
> assume that if your ZK_HOST has >1 ZK listed, then you are definitely in 
> production or some staging, and then require the prod flag. All of this feels 
> a bit shaky, and as Robert mentioned in another issue, people could in fact 
> run solr on local network interface and still use in production due to some 
> special setup.
> 
>> Disable Config APIs by default
>> ------------------------------
>> 
>>                Key: SOLR-14049
>>                URL: https://issues.apache.org/jira/browse/SOLR-14049
>>            Project: Solr
>>         Issue Type: Improvement
>>           Reporter: Ishan Chattopadhyaya
>>           Priority: Major
>> 
>> Spin off from SOLR-13978. This is not my proposal (I support this only 
>> conditionally), I'm just opening the JIRA.
>> Proposal is to do this by 8.4. Reason is that Config APIs have been used in 
>> the past to invoke RCE vulnerabilities in some components of Solr.
>> The discussion has happened in SOLR-13978. I am willing to do the work once 
>> we have agreement on this.

_______________________
Eric Pugh | Founder & CEO | OpenSource Connections, LLC | 434.466.1467 | 
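As an added illustration (not Solr's code and not anything proposed in the issue), here is one way to encode the decision Jan sketches: an explicit -Dsolr.environment flag always wins, otherwise the size of the ZK_HOST ensemble and the bound interface are used as heuristics, anything unknown defaults to the restrictive side, and an explicit opt-in covers the "enabled in Prod" case Eric raises. The function names, the `allow_in_prod` parameter and the treatment of an unset flag are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

KNOWN_ENVS = {"prod", "test", "dev"}  # values accepted by -Dsolr.environment


@dataclass
class Decision:
    environment: str            # effective environment
    inferred: bool              # True when solr.environment was not set explicitly
    config_api_enabled: bool
    warning: Optional[str]


def parse_zk_hosts(zk_host: str) -> List[str]:
    """Split a ZK_HOST value such as 'zk1:2181,zk2:2181,zk3:2181/solr'
    into its ensemble members, dropping the optional chroot suffix."""
    ensemble, _, _chroot = zk_host.partition("/")
    return [h.strip() for h in ensemble.split(",") if h.strip()]


def is_loopback(host: str) -> bool:
    """True for localhost-only bindings ('localhost', 127.0.0.0/8, ::1)."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def decide(env_flag: Optional[str], zk_host: Optional[str], bind_host: str,
           allow_in_prod: bool = False) -> Decision:
    """Decide whether the Config API should be reachable (assumed policy)."""
    if env_flag:                                   # explicit flag beats every heuristic,
        env, inferred = env_flag.lower(), False    # so a localhost prod box stays prod
    elif zk_host and len(parse_zk_hosts(zk_host)) > 1:
        env, inferred = "prod", True               # >1 ZK node: treat as prod/staging
    elif is_loopback(bind_host):
        env, inferred = "dev", True                # loopback only: likely a dev box
    else:
        env, inferred = "prod", True               # unknown: fail to the safe side
    if env not in KNOWN_ENVS:
        raise ValueError(f"unknown solr.environment value: {env!r}")
    enabled = env != "prod" or allow_in_prod
    warning = None
    if env == "prod" and allow_in_prod:
        warning = "Config API explicitly enabled in a production environment."
    elif inferred:
        warning = (f"solr.environment not set; inferred '{env}' from ZK_HOST and "
                   "bind host. Set -Dsolr.environment explicitly.")
    return Decision(env, inferred, enabled, warning)
```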
