[jira] [Commented] (SOLR-15525) Provide zkCredentialsProvider and zkACLProvider that loads credentials from a file or env vars instead of sys props

[ASF subversion and git services (Jira)]

    [ 
https://issues.apache.org/jira/browse/SOLR-15525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17382194#comment-17382194
 ] 

ASF subversion and git services commented on SOLR-15525:
--------------------------------------------------------

Commit 65595b7c90b1a2f5f2ae16467ab415396be1bc36 in lucene-solr's branch 
refs/heads/branch_8x from Timothy Potter
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=65595b7 ]

SOLR-15525: Read ZK credentials from a file specified using a system property 
instead of exposing plain-text credentials (#2532)



> Provide zkCredentialsProvider and zkACLProvider that loads credentials from a 
> file or env vars instead of sys props
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: SOLR-15525
>                 URL: https://issues.apache.org/jira/browse/SOLR-15525
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: security
>            Reporter: Timothy Potter
>            Assignee: Timothy Potter
>            Priority: Minor
>             Fix For: main (9.0), 8.10
>
>          Time Spent: 3h 10m
>  Remaining Estimate: 0h
>
> Currently, the {{VMParamsSingleSetCredentialsDigestZkCredentialsProvider}} 
> and {{VMParamsAllAndReadonlyDigestZkACLProvider}} load ZK credentials from 
> Java system properties. Solr should provide an alternative impl to load this 
> information from a file (and maybe env vars too). This avoids leaking the 
> credentials in the JVM system properties that get logged as well as shown in 
> the UI.
> It would also be nice if this file could store the credentials encrypted, as 
> suggested by SOLR-11655, however that requires a global encryption password 
> (such as http://www.jasypt.org/) so is merely security through obscurity b/c 
> anyone with shell access could track down this encryption password and 
> decrypt the ZK credentials in the file. Of course every Solr node has its own 
> private key for the PKI auth frmk, but that's not helpful for this problem 
> because the encryption key needs to be shared among all the nodes so they can 
> decrypt the ZK creds. So I'm going to skip that part for now and just 
> implement loading the plain-text creds from a file.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org