[ 
https://issues.apache.org/jira/browse/SOLR-14015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16988628#comment-16988628
 ] 

Dawid Weiss commented on SOLR-14015:
------------------------------------

Oh, I see you managed with those properties. This looks good. Don't worry about 
the gradle counterpart, I'll figure it out later based on what you do on ant 
side. 

> remove blanket filesystem read access from solr-tests.policy
> ------------------------------------------------------------
>
>                 Key: SOLR-14015
>                 URL: https://issues.apache.org/jira/browse/SOLR-14015
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Robert Muir
>            Priority: Major
>             Fix For: 8.4
>
>         Attachments: SOLR-14015.patch
>
>
> The lucene policy is strict and specifies only specific locations.
> Unfortunately currently the solr policy allows read to ALL FILES
> The tests shouldn't be able to read anywhere, e.g. my .ssh/ directory or 
> whatever.
> It is a necessary painful step to eventually eliminate directory traversal 
> attacks, etc.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to