Noble Paul created SOLR-14158:
---------------------------------

Summary: package manager to read keys from packagestore and not ZK
Key: SOLR-14158
URL: https://issues.apache.org/jira/browse/SOLR-14158
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: packages
Reporter: Noble Paul
Assignee: Noble Paul

The security of the package system relies on securing ZK. It's much easier for users to secure the file system than securing ZK. This will

* disable the remote {{PUT /api/cluster/files}} by default
* The CLI will directly write the keys to the {{<SOLR_HOME>/filestore/_trusted_keys/}} dir
* The CLI directly writes the package artifacts to the local Solr and asks other nodes to fetch from this node. Nobody can upload executable jars over a remote call
* Keys stored in ZK will not be used or trusted. So nobody can attack the cluster by publishing a malicious key into Solr
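
With this change the trust anchor is the `<SOLR_HOME>/filestore/_trusted_keys/` directory, so file-system permissions on that path become the control that matters. The following is an added example, not code from the issue or from Solr, that audits those permissions on a node; the function name `audit_trusted_keys`, the `expected_uid` parameter and the specific checks are assumptions made for illustration.

```python
import os
import stat
from pathlib import Path

# Relative location named in the issue; <SOLR_HOME> is supplied by the caller.
TRUSTED_KEYS = Path("filestore") / "_trusted_keys"


def audit_trusted_keys(solr_home, expected_uid=None):
    """Return (path, problem) tuples for the trusted-keys directory.

    expected_uid is the account Solr runs as (assumption: defaults to the
    user running this script).
    """
    expected_uid = os.getuid() if expected_uid is None else expected_uid
    home = Path(solr_home)
    keys_dir = home / TRUSTED_KEYS
    if not keys_dir.is_dir():
        return [(str(keys_dir), "missing")]
    # Whoever can write a parent directory can replace the directory itself,
    # so check the chain from SOLR_HOME down as well as every key file.
    targets = [home, home / "filestore", keys_dir]
    targets += sorted(keys_dir.iterdir())
    findings = []
    for path in targets:
        st = path.lstat()  # lstat: report symlinks instead of following them
        if stat.S_ISLNK(st.st_mode):
            findings.append((str(path), "symlink"))
            continue
        if st.st_uid != expected_uid:
            findings.append((str(path), "unexpected owner uid %d" % st.st_uid))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((str(path), "group/world-writable"))
    return findings


if __name__ == "__main__":
    import sys
    for path, problem in audit_trusted_keys(sys.argv[1]):
        print(f"{problem}: {path}")
```

Run it with the node's Solr home as the only argument; an empty result means no path in the chain is a symlink, owned by another account, or writable by group or others.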