On 1/6/2014 11:18 AM, Shawn Heisey wrote:
Even if you disable admin handlers so that it's impossible to gather full information about your schema and other settings, generating legitimate queries is probably enough for an attacker to get the information they need.
Self-replying on this point: If you *don't* disable admin handlers, an attacker would also be able to simply unload the core and ask Solr to delete it from disk.
A side effect of disabling admin handlers is that the admin UI won't work either. In terms of security hardening, that's a good thing ... but it makes it *very* difficult to gather useful information about your installation's health.
Thanks, Shawn
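The two points above (an exposed CoreAdmin handler lets anyone enumerate cores and unload them with the index deleted, while disabling it also removes the visibility you want) can be checked with a small read-only audit. The following is an added example, not code from the thread or from the Solr project: it parses a constructed Solr 4.x CoreAdmin STATUS response, builds the UNLOAD request an attacker could send (without sending it), and classifies a live probe of `/admin/cores` by HTTP status. The base URL, the sample response and the status-code mapping are assumptions for illustration.

```python
"""Audit whether a Solr instance exposes the CoreAdmin API to unauthenticated
clients, and show what that exposure would permit.

Added example, not code from the original thread or from Solr itself.
SOLR_BASE, SAMPLE_STATUS_JSON and the status-code mapping are constructed
for illustration.
"""
import json
import urllib.error
import urllib.parse
import urllib.request

# Assumption: base URL of the instance under audit.
SOLR_BASE = "http://localhost:8983/solr"

# Constructed: a trimmed CoreAdmin STATUS response in the shape Solr 4.x
# returns for /admin/cores?action=STATUS&wt=json ("status" is keyed by core name).
SAMPLE_STATUS_JSON = """
{
  "responseHeader": {"status": 0, "QTime": 1},
  "initFailures": {},
  "status": {
    "collection1": {"name": "collection1",
                    "instanceDir": "/var/solr/collection1/",
                    "dataDir": "/var/solr/collection1/data/"},
    "logs": {"name": "logs",
             "instanceDir": "/var/solr/logs/",
             "dataDir": "/var/solr/logs/data/"}
  }
}
"""


def status_url(base):
    """Read-only CoreAdmin request that lists every core on the node."""
    return base.rstrip("/") + "/admin/cores?action=STATUS&wt=json"


def cores_from_status(body):
    """Return the core names an unauthenticated client can learn from STATUS."""
    data = json.loads(body)
    return sorted(data.get("status", {}).keys())


def unload_url(base, core, delete_index=True):
    """Build (but do not send) the request Shawn warns about: UNLOAD with
    deleteIndex=true removes the core's index from disk. Solr 4.x also accepts
    deleteDataDir and deleteInstanceDir, which delete even more."""
    params = {
        "action": "UNLOAD",
        "core": core,
        "deleteIndex": "true" if delete_index else "false",
    }
    return base.rstrip("/") + "/admin/cores?" + urllib.parse.urlencode(params)


def classify(status_code):
    """Heuristic mapping of the STATUS probe result (assumption, not a Solr
    contract): 200 means the handler answered an unauthenticated request."""
    if status_code == 200:
        return "EXPOSED"
    if status_code in (401, 403):
        return "AUTH_REQUIRED"
    if status_code == 404:
        return "HANDLER_DISABLED"
    return "UNKNOWN"


def audit_report(base, body):
    """For an exposed node, list each core next to the destructive request an
    attacker could issue against it. Nothing here is sent."""
    return [(core, unload_url(base, core)) for core in cores_from_status(body)]


def probe(base, timeout=5):
    """Live, read-only GET of the STATUS endpoint. Never sends UNLOAD."""
    try:
        with urllib.request.urlopen(status_url(base), timeout=timeout) as resp:
            return classify(resp.status), resp.read().decode("utf-8")
    except urllib.error.HTTPError as err:
        return classify(err.code), ""
    except urllib.error.URLError as err:
        return "UNREACHABLE", str(err.reason)


if __name__ == "__main__":
    # Offline demonstration on the constructed response.
    for core, url in audit_report(SOLR_BASE, SAMPLE_STATUS_JSON):
        print("core %-12s could be destroyed via %s" % (core, url))
    # Live probe (only meaningful against a node you are authorised to test).
    verdict, _ = probe(SOLR_BASE)
    print("CoreAdmin handler verdict:", verdict)
```

The probe only issues the harmless STATUS request; the UNLOAD URL is constructed so the reader can see exactly what the handler accepts, and a verdict of `EXPOSED` on an internet-facing node is the case the thread is about. A `HANDLER_DISABLED` verdict is the hardened state, at the cost of the admin UI and the STATUS output that this very script relies on for health information.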