[
https://issues.apache.org/jira/browse/SOLR-5617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13864741#comment-13864741
]
Shawn Heisey commented on SOLR-5617:
------------------------------------
I have figured out a workaround. I've got a config structure that heavily uses
xinclude and symlinks. By changing things around so that only the symlinks
traverse upwards and xinclude only refers to "local" files, I no longer need to
enable unsafe loading.
I still think that it would be useful to fix this issue, but the urgency is
gone.
> Default classloader restrictions may be too tight
> -------------------------------------------------
>
> Key: SOLR-5617
> URL: https://issues.apache.org/jira/browse/SOLR-5617
> Project: Solr
> Issue Type: Bug
> Affects Versions: 4.6
> Reporter: Shawn Heisey
> Labels: security
> Fix For: 5.0, 4.7
>
>
> SOLR-4882 introduced restrictions for the Solr class loader that cause
> resources outside the instanceDir to fail to load. This is a very good goal,
> but what if you have common resources like included config files that are
> outside instanceDir but are still fully inside the solr home?
> I can understand not wanting to load resources from an arbitrary path, but
> the solr home and its children should be about as trustworthy as instanceDir.
> Ideally I'd like to have anything that's in $\{solr.solr.home\} trusted
> automatically. If I need to define a system property to make this happen,
> I'm OK with that -- as long as I don't have to turn off the safety checking
> entirely.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
