logging-log4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Gregory (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LOG4J2-1820) Log4j 2.8 can lose exceptions when a security manager is present
Date Wed, 22 Feb 2017 04:32:44 GMT

    [ https://issues.apache.org/jira/browse/LOG4J2-1820?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15877457#comment-15877457

Gary Gregory commented on LOG4J2-1820:

Hi All,

It seems that we do not need to worry about cases like {{org.apache.logging.log4j.core.config.xml.XmlConfiguration.XmlConfiguration(LoggerContext,

But what about {{org.apache.logging.log4j.core.selector.ClassLoaderContextSelector.getContext(String,
ClassLoader, boolean, URI):74}}, should that go through LoaderUtils or be in a try/catch?

Could {{org.apache.logging.log4j.web.Log4jWebInitializerImpl.initializeJndi(String)}} be trouble


> Log4j 2.8 can lose exceptions when a security manager is present
> ----------------------------------------------------------------
>                 Key: LOG4J2-1820
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-1820
>             Project: Log4j 2
>          Issue Type: Bug
>    Affects Versions: 2.8
>            Reporter: Jason Tedor
>         Attachments: 0001-Handle-security-exception-on-getting-class-loader.patch
> When Log4j is rendering an exception, it can attempt to access a class loader that it
does not have permissions to access when a security manager is present.
> I have a patch and a failing test case for this; I will submit it shortly.
> This is similar to LOG4J2-1560.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org

View raw message