lucene-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Muir (Jira)" <j...@apache.org>
Subject [jira] [Created] (SOLR-13993) sandbox velocity template render
Date Mon, 02 Dec 2019 22:11:01 GMT
Robert Muir created SOLR-13993:
----------------------------------

             Summary: sandbox velocity template render
                 Key: SOLR-13993
                 URL: https://issues.apache.org/jira/browse/SOLR-13993
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
            Reporter: Robert Muir


This thing seems dangerous :)

Making the whole solr secure is a whole nother thing: (see e.g. SOLR-13991 and we haven't
even gotten started). Its pretty difficult to convert whole large app to work securely. It
is going to take time.

In the meantime, if we have things that might do something dangerous, and security manager
is enabled, we can put them into a special little sandbox and throw away the key: for example
we can intentionally discard permissions we don't need so they can't launch stuff, if we really
don't trust them, we can start filtering what classes classloader will load.

This isn't that crazy at all to do, e.g. your web browser does similar tricks to try to sandbox
specific parts that might do something unexpected and cause security issue.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org


Mime
View raw message