[
https://issues.apache.org/jira/browse/SOLR-14158?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17007103#comment-17007103
]
David Smiley commented on SOLR-14158:
-------------------------------------
Ideally abstractions are in place that allow both. I'm not sure we should be
forcing people to use the File Store _yet_. It's very new.
> package manager to read keys from packagestore and not ZK
> ----------------------------------------------------------
>
> Key: SOLR-14158
> URL: https://issues.apache.org/jira/browse/SOLR-14158
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: packages
> Reporter: Noble Paul
> Assignee: Noble Paul
> Priority: Major
> Labels: packagemanager
>
> The security of the package system relies on securing ZK. It's much easier
> for users to secure the file system than securing ZK.
> This will
> * disable the remote {{PUT /api/cluster/files}} by default
> * The CLI will directly write to the keys to
> {{<SOLR_HOME>/filestore/_trusted_keys/}} dir
> * The CLI directly writes the package artifacts to the local solr and ask
> other nodes to fetch from this node. Nobody can upload executable jars over a
> remote call
> * Keys stored in ZK will not be used or trusted. So nobody can attack the
> cluster by publishing a malicious key into Solr
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
