You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Forest Soup (JIRA)" <ji...@apache.org> on 2016/02/29 08:03:18 UTC
[jira] [Updated] (SOLR-8756) Need 4 config
"zkDigestUsername"/"zkDigestPassword"/"zkDigestReadonlyUsername"/ solr.xml
[ https://issues.apache.org/jira/browse/SOLR-8756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Forest Soup updated SOLR-8756:
------------------------------
Summary: Need 4 config "zkDigestUsername"/"zkDigestPassword"/"zkDigestReadonlyUsername"/ solr.xml (was: Need 4 config "zkDigestUsername"/"zkDigestPassword"/ solr.xml)
> Need 4 config "zkDigestUsername"/"zkDigestPassword"/"zkDigestReadonlyUsername"/ solr.xml
> -----------------------------------------------------------------------------------------
>
> Key: SOLR-8756
> URL: https://issues.apache.org/jira/browse/SOLR-8756
> Project: Solr
> Issue Type: Bug
> Components: security, SolrCloud
> Affects Versions: 5.3.1
> Environment: Linux 64bit
> Reporter: Forest Soup
> Labels: security
>
> Need 4 config in <solrhome>/solr.xml instead of -D parameter in solr.in.sh.
> like below:
> <solr>
> <solrcloud>
> <str name="zkDigestUsername">zkusername</str>
> <str name="zkDigestPassword">zkpassword</str"zkDigestUsername">
> <str name="zkDigestReadonlyUsername">zkreadonlyusername</str>
> <str name="zkDigestReadonlyUsername">readonlypassword</str"zkDigestUsername">
> ...
> Otherwise, any user can use the linux "ps" command showing the full command line including the plain text zookeeper username and password. If we use file store them, we can control the access of the file not to leak the username/password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org