David Smiley created SOLR-15875:
-----------------------------------
Summary: Gate defaults on a "env" for Solr: prod, dev
Key: SOLR-15875
URL: https://issues.apache.org/jira/browse/SOLR-15875
Project: Solr
Issue Type: Improvement
Security Level: Public (Default Security Level. Issues are Public)
Reporter: David Smiley
In an effort to increase Solr's security posture, yet also retain convenient
ease-of-use defaults, I propose that a Solr node may be started with an
environment setting to differentiation production from development; perhaps
others. This ought to be a 1st class bin/solr CLI flag. Certain settings that
are security sensitive can then gate the default based on being in dev mode or
not. Possible examples are enabling the Java SecurityManager, Solr's runtime
config APIs, port binding to local-host or not, enable.dih.dataConfigParam.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
