You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "Timothy Potter (Jira)" <ji...@apache.org> on 2021/07/09 16:24:00 UTC

[jira] [Commented] (SOLR-15525) Provide zkCredentialsProvider and zkACLProvider that loads credentials from a file or env vars instead of sys props

    [ https://issues.apache.org/jira/browse/SOLR-15525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17378153#comment-17378153 ] 

Timothy Potter commented on SOLR-15525:
---------------------------------------

As a really simple hack, we could alter the {{VMParamsSingleSetCredentialsDigestZkCredentialsProvider}} and {{VMParamsAllAndReadonlyDigestZkACLProvider}} to support a syntax like: {{env:PASSWORD_IN_ENV_VAR}} to allow loading the passwords from an environment variable instead of a system property ...

> Provide zkCredentialsProvider and zkACLProvider that loads credentials from a file or env vars instead of sys props
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: SOLR-15525
>                 URL: https://issues.apache.org/jira/browse/SOLR-15525
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: security
>            Reporter: Timothy Potter
>            Assignee: Timothy Potter
>            Priority: Major
>
> Currently, the {{VMParamsSingleSetCredentialsDigestZkCredentialsProvider}} and {{VMParamsAllAndReadonlyDigestZkACLProvider}} load ZK credentials from Java system properties. Solr should provide an alternative impl to load this information from a file (and maybe env vars too). This avoids leaking the credentials in the JVM system properties that get logged as well as shown in the UI.
> It would also be nice if this file could store the credentials encrypted, as suggested by SOLR-11655, however that requires a global encryption password (such as http://www.jasypt.org/) so is merely security through obscurity b/c anyone with shell access could track down this encryption password and decrypt the ZK credentials in the file. Of course every Solr node has its own private key for the PKI auth frmk, but that's not helpful for this problem because the encryption key needs to be shared among all the nodes so they can decrypt the ZK creds. So I'm going to skip that part for now and just implement loading the plain-text creds from a file.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org