[jira] [Commented] (SOLR-8099) Remove sleep() function / ValueSourceParser
[ https://issues.apache.org/jira/browse/SOLR-8099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15491557#comment-15491557 ]

Shawn Heisey commented on SOLR-8099:

This issue turned up in an IRC discussion. Somebody wanted to use the sleep function for some testing they were doing. It took some head-scratching and digging to determine that the function requires TWO parameters, and help from Hoss to determine exactly what that second parameter does.

IMHO, any function we have should be documented, even those that are only used for testing. I understand the security risk mentioned up above, so perhaps a general config option that enables risky behavior could be implemented, and the availability of the sleep function could be one of the things controlled by that option.

> Remove sleep() function / ValueSourceParser
> ---
>
> Key: SOLR-8099
> URL: https://issues.apache.org/jira/browse/SOLR-8099
> Project: Solr
> Issue Type: Improvement
> Reporter: Ishan Chattopadhyaya
> Labels: security
> Fix For: 5.5
>
> Attachments: SOLR-8099.patch, SOLR-8099.patch, SOLR-8099.patch
>
>
> As per Doug Turnbull, the sleep() represents a security risk.
> {noformat}
> I noticed a while back that "sleep" is a function query. Which I
> believe means I can make the current query thread sleep for as long as I
> like.
> I'm guessing an attacker could use this to starve Solr of threads, running
> a denial of service attack by running multiple queries with sleeps in them.
> Is this a concern? I realize there may be test purposes to sleep a function
> query, but I'm trying to think if there's really practical purpose to
> having sleep here.
> Best,
> -Doug
> {noformat}
> This issue is to remove it, since it is neither documented publicly, nor used
> internally very much, apart from one test suite.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-8099) Remove sleep() function / ValueSourceParser
[ https://issues.apache.org/jira/browse/SOLR-8099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15034085#comment-15034085 ]

Ishan Chattopadhyaya commented on SOLR-8099:

Both these were added by [~ysee...@gmail.com] in SOLR-3685 (https://svn.apache.org/viewvc?view=revision=1370297). Is it supposed to be useful for tests which are under consideration? Or is it dead code which is safe to remove?

> Remove sleep() function / ValueSourceParser
> ---
>
> Key: SOLR-8099
> URL: https://issues.apache.org/jira/browse/SOLR-8099
> Project: Solr
> Issue Type: Improvement
> Reporter: Ishan Chattopadhyaya
> Labels: security
> Fix For: 5.4
>
> Attachments: SOLR-8099.patch
>
>
> As per Doug Turnbull, the sleep() represents a security risk.
> {noformat}
> I noticed a while back that "sleep" is a function query. Which I
> believe means I can make the current query thread sleep for as long as I
> like.
> I'm guessing an attacker could use this to starve Solr of threads, running
> a denial of service attack by running multiple queries with sleeps in them.
> Is this a concern? I realize there may be test purposes to sleep a function
> query, but I'm trying to think if there's really practical purpose to
> having sleep here.
> Best,
> -Doug
> {noformat}
> This issue is to remove it, since it is neither documented publicly, nor used
> internally very much, apart from one test suite.
[jira] [Commented] (SOLR-8099) Remove sleep() function / ValueSourceParser
[ https://issues.apache.org/jira/browse/SOLR-8099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15034117#comment-15034117 ]

Yonik Seeley commented on SOLR-8099:

They are useful for manual testing. I've often used sleep for testing timeout situations. I used the threadid a long time ago to verify that thread pools were behaving as expected so we wouldn't use more thread locals than expected (this dates back to when Lucene used more thread-locals).

Whether sleep should be considered a security issue? shrug. What if it was modified to respect any timeAllowed parameter? w/o a timeAllowed, there are dozens of ways I could construct requests that would take a *long* time and suck up a lot more resources than sleep does.

> Remove sleep() function / ValueSourceParser
> ---
>
> Key: SOLR-8099
> URL: https://issues.apache.org/jira/browse/SOLR-8099
> Project: Solr
> Issue Type: Improvement
> Reporter: Ishan Chattopadhyaya
> Labels: security
> Fix For: 5.4
>
> Attachments: SOLR-8099.patch, SOLR-8099.patch
>
>
> As per Doug Turnbull, the sleep() represents a security risk.
> {noformat}
> I noticed a while back that "sleep" is a function query. Which I
> believe means I can make the current query thread sleep for as long as I
> like.
> I'm guessing an attacker could use this to starve Solr of threads, running
> a denial of service attack by running multiple queries with sleeps in them.
> Is this a concern? I realize there may be test purposes to sleep a function
> query, but I'm trying to think if there's really practical purpose to
> having sleep here.
> Best,
> -Doug
> {noformat}
> This issue is to remove it, since it is neither documented publicly, nor used
> internally very much, apart from one test suite.
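Two mitigations are floated in this thread rather than outright removal: Yonik's idea of making sleep() respect the request's timeAllowed, and Shawn's idea of a general config switch that gates risky functions. The following Java class is an added illustration of how both could be combined in a custom ValueSourceParser; it is not code from Solr, from the attached patches, or from any commenter. It assumes the two-argument shape `sleep(ms, valueSource)` described above, and the names `enableRiskyFunctions`, `MAX_SLEEP_MS` and `GuardedSleepParser` are assumptions for the example, not Solr configuration. The Solr and Lucene imports are the public plugin API as of the 5.x line.

```java
import org.apache.lucene.queries.function.ValueSource;
import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.params.SolrParams;
import org.apache.solr.search.FunctionQParser;
import org.apache.solr.search.SyntaxError;
import org.apache.solr.search.ValueSourceParser;

/**
 * Hypothetical guarded variant of the sleep(ms, value) function query.
 * Illustration only: enableRiskyFunctions and MAX_SLEEP_MS are assumed
 * names for this example, not existing Solr settings.
 */
public final class GuardedSleepParser extends ValueSourceParser {

  /** Hard upper bound applied even when no timeAllowed is given (assumed value). */
  static final long MAX_SLEEP_MS = 5_000L;

  /**
   * Clamp the requested sleep to the request's timeAllowed (when present)
   * and to MAX_SLEEP_MS, so a single query can never hold a thread for longer
   * than the operator already permits for the whole request.
   */
  static long boundedSleepMs(long requestedMs, long timeAllowedMs) {
    long bound = MAX_SLEEP_MS;
    if (timeAllowedMs > 0) {
      bound = Math.min(bound, timeAllowedMs);
    }
    return Math.max(0L, Math.min(requestedMs, bound));
  }

  @Override
  public ValueSource parse(FunctionQParser fp) throws SyntaxError {
    // Same two-argument shape the thread describes: sleep(ms, valueSource).
    int requestedMs = fp.parseInt();
    ValueSource passthrough = fp.parseValueSource();

    // timeAllowed is the standard request parameter Yonik refers to.
    SolrParams params = fp.getReq().getParams();
    long timeAllowed = params.getLong(CommonParams.TIME_ALLOWED, -1L);
    long ms = boundedSleepMs(requestedMs, timeAllowed);
    try {
      Thread.sleep(ms);
    } catch (InterruptedException e) {
      Thread.currentThread().interrupt();
      throw new SyntaxError("sleep interrupted");
    }
    // The second argument is returned unchanged, which is what makes the
    // function usable inside a larger function query.
    return passthrough;
  }

  /** Register the function only when the (assumed) risky-functions switch is on. */
  public static void registerIfEnabled(boolean enableRiskyFunctions) {
    if (enableRiskyFunctions) {
      ValueSourceParser.addParser("sleep", new GuardedSleepParser());
    }
  }
}
```

The sleep happens at parse time, matching where the built-in function blocks, so the clamp has to be applied before `Thread.sleep` rather than in the returned ValueSource. With `boundedSleepMs`, a request carrying `timeAllowed=200` sleeps at most 200 ms regardless of the argument, and a request without timeAllowed is still capped at MAX_SLEEP_MS; with the switch off, the function is simply not registered and parses as an unknown function.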