You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "David Smiley (Jira)" <ji...@apache.org> on 2023/04/30 16:32:00 UTC

[jira] [Updated] (SOLR-15875) Gate defaults on an "env" (mode) for Solr: prod, dev, test

     [ https://issues.apache.org/jira/browse/SOLR-15875?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Smiley updated SOLR-15875:
--------------------------------
    Summary: Gate defaults on an "env" (mode) for Solr: prod, dev, test  (was: Gate defaults on a "env" for Solr: prod, dev)

> Gate defaults on an "env" (mode) for Solr: prod, dev, test
> ----------------------------------------------------------
>
>                 Key: SOLR-15875
>                 URL: https://issues.apache.org/jira/browse/SOLR-15875
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: David Smiley
>            Priority: Major
>
> In an effort to increase Solr's security posture, yet also retain convenient ease-of-use defaults, I propose that a Solr node may be started with an environment setting to differentiation production from development; perhaps others.  This ought to be a 1st class bin/solr CLI flag.  Certain settings that are security sensitive can then gate the default based on being in dev mode or not.  Possible examples are enabling the Java SecurityManager, Solr's runtime config APIs, port binding to local-host or not, enable.dih.dataConfigParam.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org