[SOLR-5518] Move editing config files into a new handler - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 4.7, 6.0
Fix Version/s: 4.7, 6.0
Component/s: None
Labels:
None

Description

See ~~SOLR-5287~~. Uwe Schindler pointed out that writing files the way 5287 is a security vulnerability and that disabling it should be the norm. Subsequent discussion came up with this idea.

Writing arbitrary config files should NOT be on by default.

We'll also incorporate Mark's idea of testing XML files before writing anywhere.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SOLR-5518.patch
01/Dec/13 02:26
51 kB
Erick Erickson
SOLR-5518.patch
02/Dec/13 02:40
50 kB
Erick Erickson

Issue Links

blocks

SOLR-5287 Allow at least solrconfig.xml and schema.xml to be edited via the admin screen

Closed

is related to

SOLR-5539 Admin UI - Remove ability to create/modify files

Closed

relates to

SOLR-5523 Implement proper security when writing config files to Solr

Resolved

SOLR-5522 Pull modifying the Solr config documents out of Solr 4.x

Closed

SOLR-1523 Destructive Solr operations accept HTTP GET requests

Closed

Activity

People

Assignee:: Erick Erickson

Reporter:: Erick Erickson

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 30/Nov/13 23:44

Updated:: 09/May/16 18:45

Resolved:: 03/Dec/13 02:07