[LOG4J2-1563] Log4j 2.6.2 can lose exceptions when a security manager is present - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.6.2
Fix Version/s: 2.7
Component/s: Core
Labels:
None

Flags:

Patch
External issue URL:
https://github.com/elastic/elasticsearch/issues/20304
External issue ID:
20304

Description

When Log4j is rendering an exception, it can attempt to load classes that it does not have permissions to load when a security manager is present.

I have a patch and a failing test case for this; I will submit it shortly.

This is the backport for ~~LOG4J2-1560~~.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

throwable-proxy-security-exception-2.6.2.patch
04/Sep/16 16:11
5 kB
Jason E Tedor
0002-Remove-policy-in-throwable-proxy-security-test.patch
12/Sep/16 01:25
5 kB
Jason E Tedor
0001-Unify-handling-of-throwables-when-loading-class.patch
12/Sep/16 01:26
1 kB
Jason E Tedor

Issue Links

is related to

LOG4J2-1820 Log4j 2.8 can lose exceptions when a security manager is present

Resolved

Activity

People

Assignee:

Gary D. Gregory

Reporter:

Jason E Tedor

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

04/Sep/16 16:10

Updated:

18/Feb/17 05:07

Resolved:

07/Sep/16 02:23