[
https://issues.apache.org/jira/browse/SOLR-13978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993055#comment-16993055
]
Noble Paul commented on SOLR-13978:
-----------------------------------
{quote}Its current potential is RCE, so i'd hate to see its full potential. if
its not ready, disable it.
{quote}
I would say we should aggressively blacklist everything that is possibly risky
instead of disabling a critical feature. A few things that come to my mind are
* Velocity
* DIH
* Solr Cell
* ScriptUpdateProcessor
* LTR
please add any if you have more
> Remove bloat from default configset
> -----------------------------------
>
> Key: SOLR-13978
> URL: https://issues.apache.org/jira/browse/SOLR-13978
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Ishan Chattopadhyaya
> Priority: Blocker
> Fix For: 8.4
>
>
> We need to review and remove all components that are not essential for
> search, indexing and other core functionality. Velocity, DIH, etc. should be
> reviewed.
> (Marking this as a 8.4 release blocker).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
