mirror of
https://github.com/apache/lucene.git
synced 2025-02-09 11:35:14 +00:00
126d6b7767
* SOLR-13984: add (experimental, disabled by default) security manager support. User can set SOLR_SECURITY_MANAGER_ENABLED=true to enable security manager at runtime. The current policy file used by tests is moved to solr/server Additional permissions are granted for the filesystem locations set by bin/solr, and networking everywhere is enabled. This takes advantage of the fact that permission entries are ignored if properties are not defined: https://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html#PropertyExp
25 lines
1.2 KiB
Properties
25 lines
1.2 KiB
Properties
#
|
|
# Licensed to the Apache Software Foundation (ASF) under one or more
|
|
# contributor license agreements. See the NOTICE file distributed with
|
|
# this work for additional information regarding copyright ownership.
|
|
# The ASF licenses this file to You under the Apache License, Version 2.0
|
|
# (the "License"); you may not use this file except in compliance with
|
|
# the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# command-line security properties file
|
|
#
|
|
# By default, when enabling security manager, DNS lookups are cached indefinitely,
|
|
# as protection against DNS spoofing. We set this back to the default (non-security-manager)
|
|
# value of 30 seconds, to prevent surprising behavior (e.g. nodes in cloud environments without
|
|
# static IP addresses). Users concerned about DNS spoofing should instead follow best practices:
|
|
# populating solr.shardsWhitelist, enabling TLS, etc.
|
|
networkaddress.cache.ttl=30
|