[
https://issues.apache.org/jira/browse/SOLR-5518?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Uwe Schindler updated SOLR-5518:
--------------------------------
Description:
See SOLR-5287. Uwe Schindler pointed out that writing files the way 5287 is a
security vulnerability and that disabling it should be the norm. Subsequent
discussion came up with this idea.
Writing arbitrary config files should NOT be on by default.
We'll also incorporate Mark's idea of testing XML files before writing anywhere.
was:
See SOLr-5287. Uwe Schindler pointed out that writing files the way 5287 is a
security vulnerability and that disabling it should be the norm. Subsequent
discussion came up with this idea.
Writing arbitrary config files should NOT be on by default.
We'll also incorporate Mark's idea of testing XML files before writing anywhere.
> Move editing config files into a new handler
> --------------------------------------------
>
> Key: SOLR-5518
> URL: https://issues.apache.org/jira/browse/SOLR-5518
> Project: Solr
> Issue Type: Improvement
> Affects Versions: 5.0, 4.7
> Reporter: Erick Erickson
> Assignee: Erick Erickson
> Priority: Blocker
> Attachments: SOLR-5518.patch
>
>
> See SOLR-5287. Uwe Schindler pointed out that writing files the way 5287 is a
> security vulnerability and that disabling it should be the norm. Subsequent
> discussion came up with this idea.
> Writing arbitrary config files should NOT be on by default.
> We'll also incorporate Mark's idea of testing XML files before writing
> anywhere.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
