[
https://issues.apache.org/jira/browse/SOLR-15875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17464795#comment-17464795
]
Ishan Chattopadhyaya commented on SOLR-15875:
---------------------------------------------
Fyi, there's already a concept of environment in Solr.
https://solr.apache.org/guide/8_2/taking-solr-to-production.html#environment-banner-in-admin-ui
> Gate defaults on a "env" for Solr: prod, dev
> --------------------------------------------
>
> Key: SOLR-15875
> URL: https://issues.apache.org/jira/browse/SOLR-15875
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: David Smiley
> Priority: Major
>
> In an effort to increase Solr's security posture, yet also retain convenient
> ease-of-use defaults, I propose that a Solr node may be started with an
> environment setting to differentiation production from development; perhaps
> others. This ought to be a 1st class bin/solr CLI flag. Certain settings
> that are security sensitive can then gate the default based on being in dev
> mode or not. Possible examples are enabling the Java SecurityManager, Solr's
> runtime config APIs, port binding to local-host or not,
> enable.dih.dataConfigParam.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
