gerlowskija commented on code in PR #3272:
URL: https://github.com/apache/solr/pull/3272#discussion_r2006263832
##########
solr/modules/scripting/src/java/org/apache/solr/scripting/xslt/XSLTUpdateRequestHandler.java:
##########
@@ -93,14 +93,6 @@ public void load(
return;
}
- if (req.getCore().getCoreDescriptor().isConfigSetTrusted() == false) {
Review Comment:
[Q] See review comment on ScriptUpdateProcessorFactory, also applicable here.
##########
solr/modules/scripting/src/java/org/apache/solr/scripting/update/ScriptUpdateProcessorFactory.java:
##########
@@ -216,13 +215,6 @@ void setScriptEngineCustomizer(ScriptEngineCustomizer
scriptEngineCustomizer) {
@Override
public void inform(SolrCore core) {
- if (!core.getCoreDescriptor().isConfigSetTrusted()) {
Review Comment:
[Q] Configset "trustedness" is going away, but that doesn't make
`ScriptUpdateProcessorFactory` any less risky to run. What do you all think of
logging a warning here to flag this for folks? e.g.
```
log.warn("{} loaded for core {}: this URP allows the running of arbitrary
scripts and should not generally be run in environments without authc/authz
enabled. Carefully consider the security ramifications for your environment,
and proceed with caution.", this.getClass().getSimpleName(), core.getName());
```
(I'll avoid duplicating my PR comment, but the same comment goes for
`XSLTUpdateRequestHandler` as well.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
