SOLR-14147 change the Security manager to default to true. (#1141)

* change the Security manager to default. * update the ref-guide. * uncomment init scripts update changes. * changed the ref guide and re-commented file. * remove added comment. * modified shell script. * removed comment in windows file. Signed-off-by: marcussorealheis <marcuseagan@gmail.com> * bashism and fix windows * remove space Signed-off-by: marcussorealheis <marcuseagan@gmail.com>
2020-02-05 16:17:55 -08:00 · 2020-02-05 16:17:55 -08:00 · bc5f837344
parent 93b83f635d
commit bc5f837344
6 changed files with 16 additions and 13 deletions
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@ -82,6 +82,8 @@ Upgrade Notes
  Administrators that need Solr exposed more broadly can change the SOLR_JETTY_HOST property in their Solr include
  (solr.in.sh/solr.in.cmd) file. (Jason Gerlowski, David Smiley, Robert Muir)

+* SOLR-14147: Solr now runs with the java security manager enabled by default. Administrators that need to run Solr with Hadoop will need to disable this feature by setting SOLR_SECURITY_MANAGER=false in the environment or in one of the Solr init scripts. Other features in Solr could also break. (Robert Muir, marcussorealheis) 
+
 Improvements
 ----------------------

--- a/solr/bin/solr
+++ b/solr/bin/solr
@ -2086,12 +2086,12 @@ else
  REMOTE_JMX_OPTS=()
 fi

-# Enable java security manager (limiting filesystem access and other things)
-if [ "$SOLR_SECURITY_MANAGER_ENABLED" == "true" ]; then
+# Enable java security manager (allowing filesystem access and other things)
+if [ "${SOLR_SECURITY_MANAGER_ENABLED:-true}" == "true" ]; then
  SECURITY_MANAGER_OPTS=('-Djava.security.manager' \
-    "-Djava.security.policy=${SOLR_SERVER_DIR}/etc/security.policy" \
-    "-Djava.security.properties=${SOLR_SERVER_DIR}/etc/security.properties" \
-    '-Dsolr.internal.network.permission=*')
+      "-Djava.security.policy=${SOLR_SERVER_DIR}/etc/security.policy" \
+      "-Djava.security.properties=${SOLR_SERVER_DIR}/etc/security.properties" \
+      '-Dsolr.internal.network.permission=*')
 else
  SECURITY_MANAGER_OPTS=()
 fi
--- a/solr/bin/solr.cmd
+++ b/solr/bin/solr.cmd
@ -1187,7 +1187,11 @@ IF "%ENABLE_REMOTE_JMX_OPTS%"=="true" (
  set REMOTE_JMX_OPTS=
 )

-REM Enable java security manager (limiting filesystem access and other things)
+REM Enable java security manager by default (limiting filesystem access and other things)
+IF NOT DEFINED SOLR_SECURITY_MANAGER_ENABLED (
+  set SOLR_SECURITY_MANAGER_ENABLED=true
+)
+
 IF "%SOLR_SECURITY_MANAGER_ENABLED%"=="true" (
  set SECURITY_MANAGER_OPTS=-Djava.security.manager ^
 -Djava.security.policy="%SOLR_SERVER_DIR%\etc\security.policy" ^
--- a/solr/bin/solr.in.cmd
+++ b/solr/bin/solr.in.cmd
@ -17,6 +17,7 @@
@echo off

 REM Settings here will override settings in existing env vars or in bin/solr.  The default shipped state
+
 REM of this file is completely commented.

 REM By default the script will use JAVA_HOME to determine which java
@ -197,4 +198,4 @@ REM Runs solr in a java security manager sandbox. This can protect against some
 REM Runtime properties are passed to the security policy file (server\etc\security.policy)
 REM You can also tweak via standard JDK files such as ~\.java.policy, see https://s.apache.org/java8policy
 REM This is experimental! It may not work at all with Hadoop/HDFS features.
-REM set SOLR_SECURITY_MANAGER_ENABLED=false
+REM set SOLR_SECURITY_MANAGER_ENABLED=true
--- a/solr/bin/solr.in.sh
+++ b/solr/bin/solr.in.sh
@ -229,4 +229,4 @@
 # Runtime properties are passed to the security policy file (server/etc/security.policy)
 # You can also tweak via standard JDK files such as ~/.java.policy, see https://s.apache.org/java8policy
 # This is experimental! It may not work at all with Hadoop/HDFS features.
-#SOLR_SECURITY_MANAGER_ENABLED=false
+#SOLR_SECURITY_MANAGER_ENABLED=true
--- a/solr/solr-ref-guide/src/securing-solr.adoc
+++ b/solr/solr-ref-guide/src/securing-solr.adoc
@ -79,7 +79,6 @@ SOLR_IP_BLACKLIST="192.168.0.3, 192.168.0.4"
 ZooKeeper is a central and important part of a SolrCloud cluster and understanding how to secure
 its content is covered in the <<zookeeper-access-control.adoc#zookeeper-access-control,ZooKeeper Access Control>> page.

-
 == Network Configuration

 // tag::security-network-binding-1[]
@ -95,6 +94,3 @@ It is also strongly recommended that Solr listen to only those network interface
 ----
 // end::security-network-binding-1[]

-== Enable Security Manager
-
-Solr can run in a Java Security Manager sandbox by setting `SOLR_SECURITY_MANAGER_ENABLED=true` via environment variable or in `solr.in.sh`/`solr.in.cmd`. This feature is incompatible with Hadoop.