[ https://issues.apache.org/jira/browse/SOLR-15525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17382380#comment-17382380 ]
Chris M. Hostetter commented on SOLR-15525: ------------------------------------------- {quote}Are you going to work on 15548 before 8.10 is released? {quote} I dunno when/if I'll push forward on that (was trying to prod you into posting feedback on the idea :) ) .. but in general I don't like making "plans" about whether some change will be ready by the time a particular version is released. Code should be committed if/when it's "ready", and backported if/when it's "safe". {quote}I'm dis-inclined to revert my commit (not sure if that's what you're suggesting I do?) {quote} No, Not at all – just pointing out some questions/concerns/suggestions to see how you felt about them ... "patch feedback" that just happened to be after you already committed. I might try to design a more robust "FineGrainedFileBasedZkACLProvider" that automatically registers a ZkCredentialsProvider based on the ACLs in the file, but that's no reason not to move forward with what you have done already. > Provide zkCredentialsProvider and zkACLProvider that loads credentials from a > file or env vars instead of sys props > ------------------------------------------------------------------------------------------------------------------- > > Key: SOLR-15525 > URL: https://issues.apache.org/jira/browse/SOLR-15525 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security > Reporter: Timothy Potter > Assignee: Timothy Potter > Priority: Minor > Fix For: main (9.0), 8.10 > > Time Spent: 3h 10m > Remaining Estimate: 0h > > Currently, the {{VMParamsSingleSetCredentialsDigestZkCredentialsProvider}} > and {{VMParamsAllAndReadonlyDigestZkACLProvider}} load ZK credentials from > Java system properties. Solr should provide an alternative impl to load this > information from a file (and maybe env vars too). This avoids leaking the > credentials in the JVM system properties that get logged as well as shown in > the UI. > It would also be nice if this file could store the credentials encrypted, as > suggested by SOLR-11655, however that requires a global encryption password > (such as http://www.jasypt.org/) so is merely security through obscurity b/c > anyone with shell access could track down this encryption password and > decrypt the ZK credentials in the file. Of course every Solr node has its own > private key for the PKI auth frmk, but that's not helpful for this problem > because the encryption key needs to be shared among all the nodes so they can > decrypt the ZK creds. So I'm going to skip that part for now and just > implement loading the plain-text creds from a file. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org