janhoy commented on PR #4534:
URL: https://github.com/apache/solr/pull/4534#issuecomment-4779653425

   > One thing I wonder about, superadmin has the security-edit, but nothing 
else. Is having a superadmin really worth it? Granting security seems like an 
admin thing. I guess it's fine...
   
   Fair question. Superadmin can modify security settings and disable security. 
The `admin` role can do lots of admin stuff like collection, configset etc, but 
it makes sense to not also open the door for security edit.
   
   One thing I asked myself the other day is the `security-read` permission. It 
is currently assigned to `admin` role, meaning all admins can read 
`security.json` but not modify it. I **think** this is an ok default since our 
security model demands or will demand that **admin** users are trusted.
   
   Thanks for the review, I'll merge...
   
   PS: Will you file a bug for "ERROR: Index 0 out of bounds for length 0"?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to