That's a good point - if he's talking about securing the Solr filesystem, he can use standard mechanisms.
You can also go beyond user/group/other permissions if your filesystem supports it. You can use Posix ACLs on many local linux filesystems. -----Original Message----- From: Per Steffensen [mailto:st...@designware.dk] Sent: Tuesday, April 14, 2015 8:04 AM To: solr-user@lucene.apache.org Subject: Re: Securing solr index Hi I might misunderstand you, but if you are talking about securing the actual files/folders of the index, I do not think this is a Solr/Lucene concern. Use standard mechanisms of your OS. E.g. on linux/unix use chown, chgrp, chmod, sudo, apparmor etc - e.g. allowing only root to write the folders/files and sudo the user running Solr/Lucene to operate as root in this area. Even admins should not (normally) operate as root - that way they cannot write the files either. No one knows the root-password - except maybe for the super-super-admin, or you split the root-password in two and two admins know a part each, so that they have to both agree in order to operate as root. Be creative yourself. Regards, Per Steffensen On 13/04/15 12:13, Suresh Vanasekaran wrote: > Hi, > > We are having the solr index maintained in a central server and multiple > users might be able to access the index data. > > May I know what are best practice for securing the solr index folder where > ideally only application user should be able to access. Even an admin user > should not be able to copy the data and use it in another schema. > > Thanks > > > > **************** CAUTION - Disclaimer ***************** This e-mail > contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for > the use of the addressee(s). If you are not the intended recipient, > please notify the sender by e-mail and delete the original message. > Further, you are not to copy, disclose, or distribute this e-mail or > its contents to any other person and any such actions are unlawful. > This e-mail may contain viruses. Infosys has taken every reasonable > precaution to minimize this risk, but is not liable for any damage you > may sustain as a result of any virus in this e-mail. You should carry > out your own virus checks before opening the e-mail or attachment. > Infosys reserves the right to monitor and review the content of all > messages sent to or from this e-mail address. Messages sent to or from this > e-mail address may be stored on the Infosys e-mail system. > ***INFOSYS******** End of Disclaimer ********INFOSYS*** >
