Currently anyone with HTTP access to Solr can see the Admin UI and all the system properties. In there you find
This means that anyone with this info can shut down Solr by hitting that port with the key (if it is not firewalled).
I think the simple solution is to add STOP.PORT and STOP.KEY from $SOLR_START_OPTS to the $SOLR_JETTY_CONFIG[@] variable. It will still be visible on the cmdline but not over HTTP.