Noble Paul created SOLR-14158:
---------------------------------

             Summary: package manager to read keys from packagestore and not ZK 
                 Key: SOLR-14158
                 URL: https://issues.apache.org/jira/browse/SOLR-14158
             Project: Solr
          Issue Type: Bug
      Security Level: Public (Default Security Level. Issues are Public)
          Components: packages
            Reporter: Noble Paul
            Assignee: Noble Paul


The security of the package system relies on securing ZK. It's much easier for 
users to secure the file system than to secure ZK.

This will:
* Disable the remote {{PUT /api/cluster/files}} by default
* The CLI will directly write the keys to the 
{{<SOLR_HOME>/filestore/_trusted_keys/}} dir 
* The CLI directly writes the package artifacts to the local Solr and asks 
other nodes to fetch from this node. Nobody can upload executable jars over a 
remote call
* Keys stored in ZK will not be used or trusted. So nobody can attack the 
cluster by publishing a malicious key into Solr
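
With keys read only from {{<SOLR_HOME>/filestore/_trusted_keys/}}, the file permissions on that directory become the control that protects the trust anchor. The following is an added example, not part of the issue or of Solr's code: a Python audit that flags key-store entries another account could replace. The function names, the constructed `.der` file names and the assumption that the audit runs as the Solr service account are illustrative.

```python
import os
import stat
import tempfile
from pathlib import Path

WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH

def audit_trusted_keys(solr_home, expected_uid=None):
    """Return sorted (relative path, problem) findings for the trusted key store."""
    # Assumption: the auditor runs as the Solr service account unless a uid is given.
    expected_uid = os.geteuid() if expected_uid is None else expected_uid
    home = Path(solr_home)
    keys_dir = home / "filestore" / "_trusted_keys"
    if not keys_dir.is_dir():
        return [("filestore/_trusted_keys", "missing")]
    findings = []
    # A writable ancestor lets another account replace the whole directory,
    # so check the chain from SOLR_HOME down as well as each key file.
    for path in [home, keys_dir.parent, keys_dir, *keys_dir.iterdir()]:
        rel = str(path.relative_to(home))
        st = path.lstat()  # lstat: do not follow a symlink planted in the store
        if stat.S_ISLNK(st.st_mode):
            findings.append((rel, "symlink"))
            continue
        if st.st_uid != expected_uid:
            findings.append((rel, "unexpected owner"))
        if st.st_mode & WRITABLE_BY_OTHERS:
            findings.append((rel, "group/world writable"))
    return sorted(findings)

def demo():
    """Build a constructed SOLR_HOME with one sound key and two bad entries."""
    home = Path(tempfile.mkdtemp())
    keys_dir = home / "filestore" / "_trusted_keys"
    keys_dir.mkdir(parents=True)
    for d in (home, keys_dir.parent, keys_dir):
        d.chmod(0o750)
    for name, mode in (("good.der", 0o640), ("loose.der", 0o666)):
        key = keys_dir / name
        key.write_bytes(b"constructed placeholder, not a real key")
        key.chmod(mode)
    (keys_dir / "link.der").symlink_to(keys_dir / "good.der")
    return audit_trusted_keys(home)

if __name__ == "__main__":
    for rel, problem in demo():
        print(f"{problem}: {rel}")
```

An empty result means every checked entry is owned by the expected account and writable only by it.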


