Sorry for the late reply, been vacationing and busy!
Thanks for getting this going Jan. This is a great SIP.
I've put a good amount of thought into this, especially:
>- Limit what file paths can be read/written
>
>
And I don't think it's an easy thing to solve, but something we certainly
ne
> I know you have under "Rejected Alternatives" the statement "Leaving Solr
unprotected", but honestly, I think that is just too broad of a statement.
I completely agree; that felt wrong when I read that. The SecurityManager
is not Solr's front-line protection mechanism -- that's authentication
Ten is the perfect time to rip it out. Let's separate ripping it out from
"whatever else we decide"... Otherwise we'll bike shed it to death!
I know you have under "Rejected Alternatives" the statement "Leaving Solr
unprotected", but honestly, I think that is just too broad of a statement.
