lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Per Steffensen <st...@designware.dk>
Subject Re: Securing solr index
Date Wed, 15 Apr 2015 07:24:19 GMT
That said, it might be nice with a wiki-page (or something) explaining 
how it can be done, including maybe concrete cases about exactly how it 
has been done on different installations around the world using Solr

On 14/04/15 14:03, Per Steffensen wrote:
> Hi
>
> I might misunderstand you, but if you are talking about securing the 
> actual files/folders of the index, I do not think this is a 
> Solr/Lucene concern. Use standard mechanisms of your OS. E.g. on 
> linux/unix use chown, chgrp, chmod, sudo, apparmor etc - e.g. allowing 
> only root to write the folders/files and sudo the user running 
> Solr/Lucene to operate as root in this area. Even admins should not 
> (normally) operate as root - that way they cannot write the files 
> either. No one knows the root-password - except maybe for the 
> super-super-admin, or you split the root-password in two and two 
> admins know a part each, so that they have to both agree in order to 
> operate as root. Be creative yourself.
>
> Regards, Per Steffensen
>
> On 13/04/15 12:13, Suresh Vanasekaran wrote:
>> Hi,
>>
>> We are having the solr index maintained in a central server and 
>> multiple users might be able to access the index data.
>>
>> May I know what are best practice for securing the solr index folder 
>> where ideally only application user should be able to access. Even an 
>> admin user should not be able to copy the data and use it in another 
>> schema.
>>
>> Thanks
>>
>>
>>
>> **************** CAUTION - Disclaimer *****************
>> This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended 
>> solely
>> for the use of the addressee(s). If you are not the intended 
>> recipient, please
>> notify the sender by e-mail and delete the original message. Further, 
>> you are not
>> to copy, disclose, or distribute this e-mail or its contents to any 
>> other person and
>> any such actions are unlawful. This e-mail may contain viruses. 
>> Infosys has taken
>> every reasonable precaution to minimize this risk, but is not liable 
>> for any damage
>> you may sustain as a result of any virus in this e-mail. You should 
>> carry out your
>> own virus checks before opening the e-mail or attachment. Infosys 
>> reserves the
>> right to monitor and review the content of all messages sent to or 
>> from this e-mail
>> address. Messages sent to or from this e-mail address may be stored 
>> on the
>> Infosys e-mail system.
>> ***INFOSYS******** End of Disclaimer ********INFOSYS***
>>
>
>


Mime
View raw message