You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "Ishan Chattopadhyaya (Jira)" <ji...@apache.org> on 2023/04/29 05:08:00 UTC

[jira] [Created] (SOLR-16776) Disable remote streaming by default using sysprop

Ishan Chattopadhyaya created SOLR-16776:
-------------------------------------------

Summary: Disable remote streaming by default using sysprop
Key: SOLR-16776
URL: https://issues.apache.org/jira/browse/SOLR-16776
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Reporter: Ishan Chattopadhyaya

Remote streaming is a vulnerability in Solr that allows a user to make Solr talk to arbitrary HTTP servers. It is disabled by default, but easily enabled using config API. This issue is to disable it more properly, at a node level, and add an additional system property per node to disable it by default. To continue using this feature, pass {{-Denable.remote.streams=true}} to the startup, and then enable it on a per collection/configset basis as needed.

As per Skay's report [https://twitter.com/Skay_00/status/1646870062601756672|https://twitter.com/Skay_00/status/1646870062601756672),] remote code execution is possible in unsecured Solr clusters where authentication hasn't been enabled. This ticket is to mitigate one aspect of that, i.e. remote streaming. While our recommendation to all users remains the same, i.e. to secure Solr installations with authentication and authorization, I thank Skay for his detailed report.

--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org