Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14158

package manager to read keys from packagestore and not ZK

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • 8.4
    • 8.4.1
    • packages

    Description

      The security of the package system relies on securing ZK. It's much easier for users to secure the file system than securing ZK.

      We provide an option to read public keys from file store. 

      This will

      • Have a special directory called trusted . Direct writes are forbidden to that directory over http
      • The CLI directly writes to the keys to <SOLR_HOME>/filestore/trusted/keys/ directory. Other nodes are asked to fetch the public key files from that node
      • Package artifacts will continue to be uploaded over http

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1153

          Activity

            People

              noble.paul Noble Paul
              noble.paul Noble Paul
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h