[
https://issues.apache.org/jira/browse/SOLR-527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585253#action_12585253
]
Hoss Man commented on SOLR-527:
-------------------------------
For the record: allowing arbitrary outside parties the ability to issue commits
on a slave is almost as dangerous as allowing adds/deletes. while the data
itself can't be poisoned using a commit, you could DOS the slave with trashing
as it warms searchers over and over again.
if the goal is a read only slave that can still be triggered to load new
snapshots, perhaps an alternate method on shapshot loading (that isn't net
accessible) is in order ... ie: A variation on autocommit that polls the index
dir periodically to see if it has changed.
> An XML commit only request handler
> ----------------------------------
>
> Key: SOLR-527
> URL: https://issues.apache.org/jira/browse/SOLR-527
> Project: Solr
> Issue Type: New Feature
> Components: update
> Affects Versions: 1.3
> Reporter: Sean Timm
> Priority: Trivial
> Attachments: ReadOnlyUpdateProcessorFactory.java,
> ReadOnlyUpdateProcessorFactory.java, SOLR-527.patch
>
>
> This request handler only permits <commit/> messages. It is provided as one
> way to prevent adds and deletes on a Solr slave machine that could
> potentially be accessed by outside parties where a firewall or other access
> control is either not possible or not desired.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
