[ https://issues.apache.org/jira/browse/SOLR-14886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17249854#comment-17249854 ]

Isabelle Giguere edited comment on SOLR-14886 at 12/15/20, 6:44 PM:
--------------------------------------------------------------------

[~gerlowskija]
The full stack trace in the error response can be a vulnerability.

As explained by our application security assessment team:
{quote}
Detailed technical error messages can allow an attacker to gain information 
about the application and database that could be used to conduct an attack. 
This information could include the names of database tables and columns, the 
structure of database queries, method names, configuration details, etc.
{quote}

So, OK, no database here.  But the basic idea is that the stack trace contains 
too much information for a response to the outside world.  Stack traces are for 
logs, for developers.

It falls into item #6 in the OWASP top 10
https://owasp.org/www-project-top-ten/
"verbose error messages containing sensitive information"
So, either each and every error message needs to be cleaned up individually, 
which is error-prone, or we don't display any details to the outside world.

Because the stack trace lists all classes and methods, a hacker can determine 
which vulnerable library is included on the classpath.  So in this sense, even 
information about the classpath is sensitive information.



was (Author: igiguere):
[~gerlowskija]
The full stack trace in the error response can be a vulnerability.

As explained by our application security assessment team:
{quote}
Detailed technical error messages can allow an attacker to gain information 
about the application and database that could be used to conduct an attack. 
This information could include the names of database tables and columns, the 
structure of database queries, method names, configuration details, etc.
{quote}

So, OK, no database here.  But the basic idea is that the stack trace contains 
too much information for a response.


> Suppress stack trace in Query response.
> ---------------------------------------
>
>                 Key: SOLR-14886
>                 URL: https://issues.apache.org/jira/browse/SOLR-14886
>             Project: Solr
>          Issue Type: Improvement
>    Affects Versions: 8.6.2
>            Reporter: Vrinda Davda
>            Priority: Minor
>
> Currently there is no way to suppress the stack trace in the Solr response when 
> it throws an exception, like when a client sends a badly formed query string, 
> or an exception with status 500. It sends the full stack trace in the response. 
> I would propose a configuration for error messages so that the stack trace is 
> not visible, to avoid any sensitive information in the stack trace.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
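Added example, not part of the Jira thread and not Solr project code: a small Python audit-and-sanitize pass over an error body, illustrating the two points raised above (the trace reveals which libraries are on the classpath, and cleaning messages one by one is error-prone). The sample response is constructed here in the general shape of a Solr JSON error (responseHeader plus an error object with metadata, msg, trace and code); its query, class names, file names and line numbers are invented for illustration. Function names (`leaked_libraries`, `audit_error_response`, `sanitize_error_response`) are hypothetical. It goes slightly beyond the comment by also checking the `msg` and `metadata` fields, which carry exception class names even when no `trace` field is present.

```python
import json
import re

# Constructed sample in the shape of a Solr JSON error response
# (responseHeader plus error{metadata, msg, trace, code}). The query,
# classes, files and line numbers are made up for illustration; this is
# not a captured response from any real deployment.
SAMPLE_ERROR_RESPONSE = json.dumps({
    "responseHeader": {"status": 400, "QTime": 1},
    "error": {
        "metadata": [
            "error-class", "org.apache.solr.common.SolrException",
            "root-error-class", "org.apache.solr.parser.ParseException",
        ],
        "msg": ("org.apache.solr.search.SyntaxError: Cannot parse 'title:(': "
                "Encountered \"<EOF>\" at line 1, column 7."),
        "trace": "\n".join([
            "org.apache.solr.common.SolrException: org.apache.solr.search.SyntaxError: Cannot parse 'title:('",
            "\tat org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:218)",
            "\tat org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:302)",
            "\tat org.apache.lucene.queryparser.classic.QueryParser.parse(QueryParser.java:110)",
            "\tat org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:756)",
            "\tat org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1610)",
            "\tat java.base/java.lang.Thread.run(Thread.java:834)",
        ]),
        "code": 400,
    },
})

# One "at <module>/<class>.<method>(<file>:<line>)" frame of a Java stack trace.
FRAME_RE = re.compile(
    r"^\s*at\s+(?:[\w.]+/)?([\w$.]+)\.([\w$<>]+)\(([^)]*)\)", re.MULTILINE)

# A dotted Java class name such as org.apache.solr.search.SyntaxError,
# used to spot exception classes that leak through free-text fields.
CLASS_NAME_RE = re.compile(r"\b(?:[a-z]\w*\.){2,}[A-Z]\w*")


def leaked_frames(trace):
    """Return (class, method, location) triples readable off a trace."""
    return [(m.group(1), m.group(2), m.group(3)) for m in FRAME_RE.finditer(trace)]


def leaked_libraries(trace, depth=3):
    """Collapse frame classes to their leading package components.

    This is the classpath view the comment warns about: each entry names a
    library whose presence the server has just confirmed to the caller.
    """
    packages = set()
    for cls, _method, _loc in leaked_frames(trace):
        package = cls.rsplit(".", 1)[0]
        packages.add(".".join(package.split(".")[:depth]))
    return sorted(packages)


def audit_error_response(raw_body):
    """Summarise what an unauthenticated caller learns from one error body."""
    err = json.loads(raw_body).get("error") or {}
    trace = err.get("trace", "")
    metadata = " ".join(str(x) for x in err.get("metadata", []))
    return {
        "has_trace": bool(trace),
        "libraries": leaked_libraries(trace),
        "classes_in_msg": CLASS_NAME_RE.findall(err.get("msg", "")),
        "classes_in_metadata": CLASS_NAME_RE.findall(metadata),
    }


def sanitize_error_response(raw_body, generic_msg="Request could not be processed"):
    """Rewrite an error body so only the status code and a generic message remain.

    Dropping "trace" alone is not enough: "metadata" and "msg" carry exception
    class names too, so the whole error object is replaced rather than edited.
    Meant for an edge layer (reverse proxy or client-facing gateway) that logs
    the original body for developers before discarding it.
    """
    body = json.loads(raw_body)
    err = body.get("error")
    if isinstance(err, dict):
        body["error"] = {"code": err.get("code"), "msg": generic_msg}
    return body


if __name__ == "__main__":
    print(json.dumps(audit_error_response(SAMPLE_ERROR_RESPONSE), indent=2))
    print(json.dumps(sanitize_error_response(SAMPLE_ERROR_RESPONSE), indent=2))
```

Run as a script, the audit lists the packages visible in the constructed trace (solr, lucene, jetty and the JDK) and the class names sitting in `msg` and `metadata`; the sanitized body keeps only the 400 code and a fixed message. The design choice is to replace the error object wholesale rather than delete known-bad keys, since the field-by-field approach is exactly the per-message clean-up the comment calls error-prone.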
