[jira] [Commented] (SOLR-15875) Gate defaults on a "env" for Solr: prod, dev

Thu, 23 Dec 2021 11:53:05 -0800 


    [ 
https://issues.apache.org/jira/browse/SOLR-15875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17464769#comment-17464769
 ] 

David Smiley commented on SOLR-15875:
-------------------------------------

I proposed this idea earlier this year, May 2021 [on the Solr users 
list|https://lists.apache.org/thread/m688v96wwhhwdk9jwzy8yobk05gr4sr2] – the 
thread is worth re-reading.

We could assume a new Solr env variable, SOLR_ENV that is maybe dev by default. 
 In env=dev, we'd only listen to local-host (which is the new default in 9 any 
way, if I recall).  I suppose prod should be no different in what to listen to 
(also localhost limited by default)?

In order to make this idea really useful / meaningful, I propose the bold step 
of env=prod setting {{disable.configEdit=true}} (currently undocumented!) – 
SOLR-14049.  Without such moves, perhaps the effort to introduce this new env 
setting is too weak.  As I re-read SOLR-14049 now with comments at the bottom 
from [~epugh]  and [~janhoy] that propose a rather different approach to 
locking down Solr generally (not specific to config edits), I think those ideas 
need to be reconciled with this JIRA.

{*}Also, this should be a SIP{*}.

> Gate defaults on a "env" for Solr: prod, dev
> --------------------------------------------
>
>                 Key: SOLR-15875
>                 URL: https://issues.apache.org/jira/browse/SOLR-15875
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: David Smiley
>            Priority: Major
>
> In an effort to increase Solr's security posture, yet also retain convenient 
> ease-of-use defaults, I propose that a Solr node may be started with an 
> environment setting to differentiation production from development; perhaps 
> others.  This ought to be a 1st class bin/solr CLI flag.  Certain settings 
> that are security sensitive can then gate the default based on being in dev 
> mode or not.  Possible examples are enabling the Java SecurityManager, Solr's 
> runtime config APIs, port binding to local-host or not, 
> enable.dih.dataConfigParam.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

Reply via email to