Posted to log4j-user@logging.apache.org by Phillip Qin <pq...@shareowner.com> on 2003/06/13 21:44:05 UTC

SMTPAppender security flaw?

Having played around with log4j under a security manager, I found that the method
activateOptions in SMTPAppender has a "suspicious" security flaw.

The first statement of the method is a call to System.getProperties(). This forces me
to grant read and write permission to * (all system properties) in the policy
file. Why can't the log4j developers simply get the one system property
"mail.smtp.host"?

Regards,

PQ

"The difference between 'involvement' and 'commitment'
is like an eggs-and-ham breakfast: the chicken was
'involved' - the pig was 'committed'."
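The permission difference Phillip describes, shown as an added example (this is not log4j code and not part of the original message). Under a Java SecurityManager, System.getProperties() triggers checkPropertiesAccess(), which requires PropertyPermission "*" with "read,write", whereas System.getProperty("mail.smtp.host") only requires PropertyPermission "mail.smtp.host" with "read". The policy grants in the comments and the class name SmtpHostLookup are assumptions for this illustration; the example assumes a JDK on which a SecurityManager can still be installed (it is deprecated for removal in recent releases).

```java
// Added example, not from log4j or the original post.
//
// Assumed policy file (smtp.policy) for the narrow approach; this is the
// only grant a library needs if it reads just the one property:
//
//   grant {
//       permission java.util.PropertyPermission "mail.smtp.host", "read";
//   };
//
// The broad approach (System.getProperties()) instead needs:
//
//   grant {
//       permission java.util.PropertyPermission "*", "read,write";
//   };
//
// Run with (JDK 8-era flags; assumed for this illustration):
//   java -Djava.security.manager -Djava.security.policy=smtp.policy \
//        -Dmail.smtp.host=mail.example.invalid SmtpHostLookup
import java.util.Properties;

public class SmtpHostLookup {

    /** Narrow read: SecurityManager.checkPropertyAccess("mail.smtp.host"). */
    static String lookupNarrow() {
        return System.getProperty("mail.smtp.host");
    }

    /** Broad read: SecurityManager.checkPropertiesAccess(), i.e. "*" read,write. */
    static String lookupBroad() {
        Properties all = System.getProperties();
        return all.getProperty("mail.smtp.host");
    }

    /** Runs one lookup and reports whether the security manager allowed it. */
    static void attempt(String label, java.util.function.Supplier<String> lookup) {
        try {
            System.out.println(label + ": mail.smtp.host=" + lookup.get());
        } catch (SecurityException e) {
            // With only the narrow grant in place, this branch fires for lookupBroad().
            System.out.println(label + ": denied (" + e.getMessage() + ")");
        }
    }

    public static void main(String[] args) {
        attempt("narrow getProperty", SmtpHostLookup::lookupNarrow);
        attempt("broad getProperties", SmtpHostLookup::lookupBroad);
    }
}
```

With only the narrow grant loaded, the first lookup succeeds and the second is denied; the least-privilege point of the thread is that a library which reads one key should not oblige every deployment to grant write access to the whole property table.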


RE: SMTPAppender security flaw?

Posted by Scott Heaberlin <he...@yahoo.com>.
This might be a question better suited for the log4j-dev list than the
log4j users list.  log4j-dev@jakarta.apache.org

As a suggestion, you could submit a bug report requesting the SMTP
appender (and perhaps the rest of log4j - it is up to you) only retrieve
the exact properties they need, for security manager reasons.  

The log4j developers for the most part are happy to accommodate
suggestions such as yours to the log4j project, especially those which
would improve the design or implementation for all users.


-Scott Heaberlin
