Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14158

package manager to read keys from packagestore and not ZK

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 8.4
    • Fix Version/s: 8.4.1
    • Component/s: packages
    • Labels:

      Description

      The security of the package system relies on securing ZK. It's much easier for users to secure the file system than securing ZK.

      We provide an option to read public keys from file store. 

      This will

      • Have a special directory called trusted . Direct writes are forbidden to that directory over http
      • The CLI directly writes to the keys to <SOLR_HOME>/filestore/trusted/keys/ directory. Other nodes are asked to fetch the public key files from that node
      • Package artifacts will continue to be uploaded over http

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                noble.paul Noble Paul
                Reporter:
                noble.paul Noble Paul
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h