You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2023/02/23 01:53:10 UTC

[james-project] branch 3.7.x updated: JAMES-3881 Unregister LOG4J MBeans (#1459)

This is an automated email from the ASF dual-hosted git repository.

btellier pushed a commit to branch 3.7.x
in repository https://gitbox.apache.org/repos/asf/james-project.git


The following commit(s) were added to refs/heads/3.7.x by this push:
     new 22313d557d JAMES-3881 Unregister LOG4J MBeans (#1459)
22313d557d is described below

commit 22313d557dff3fd6dbba4e6aa5a6df74551fc074
Author: Benoit TELLIER <bt...@linagora.com>
AuthorDate: Thu Feb 23 08:53:06 2023 +0700

    JAMES-3881 Unregister LOG4J MBeans (#1459)
    
    As they might allow arbitrary file read/writes
---
 server/apps/spring-app/pom.xml                       |  3 ++-
 .../apache/james/app/spring/JamesAppSpringMain.java  | 20 ++++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/server/apps/spring-app/pom.xml b/server/apps/spring-app/pom.xml
index 6a32970751..390ace06b6 100644
--- a/server/apps/spring-app/pom.xml
+++ b/server/apps/spring-app/pom.xml
@@ -48,10 +48,11 @@
         <javamail.system-property8>-Dmail.mime.encodeparameters=true</javamail.system-property8>
         <javamail.system-property9>-Dmail.mime.decodeparameters=true</javamail.system-property9>
         <javamail.system-property10>-Dmail.mime.address.strict=false</javamail.system-property10>
+        <javamail.system-property11>-Djames.jmx.unregister.log4j.mbeans=true</javamail.system-property11>
         <javamail.system-properties>${javamail.system-property1} ${javamail.system-property2}
             ${javamail.system-property3} ${javamail.system-property4} ${javamail.system-property5}
             ${javamail.system-property6} ${javamail.system-property7} ${javamail.system-property8}
-            ${javamail.system-property9} ${javamail.system-property10}</javamail.system-properties>
+            ${javamail.system-property9} ${javamail.system-property10} ${javamail.system-property11}</javamail.system-properties>
 
         <!-- JMX system properties -->
         <!-- For more details see -->
diff --git a/server/apps/spring-app/src/main/java/org/apache/james/app/spring/JamesAppSpringMain.java b/server/apps/spring-app/src/main/java/org/apache/james/app/spring/JamesAppSpringMain.java
index 9c0d2364a0..7366395b6c 100644
--- a/server/apps/spring-app/src/main/java/org/apache/james/app/spring/JamesAppSpringMain.java
+++ b/server/apps/spring-app/src/main/java/org/apache/james/app/spring/JamesAppSpringMain.java
@@ -18,23 +18,33 @@
  ****************************************************************/
 package org.apache.james.app.spring;
 
+import java.lang.management.ManagementFactory;
 import java.util.Calendar;
 
+import javax.management.MBeanServer;
+import javax.management.ObjectName;
+import javax.management.QueryExp;
+
 import org.apache.commons.daemon.Daemon;
 import org.apache.commons.daemon.DaemonContext;
 import org.apache.james.container.spring.context.JamesServerApplicationContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.github.fge.lambdas.Throwing;
+
 /**
  * Bootstraps James using a Spring container.
  */
 public class JamesAppSpringMain implements Daemon {
+    private static final ObjectName ALL_OBJECT_NAME = null;
+    private static final QueryExp ALL_QUERY_EXP = null;
 
     private static final Logger log = LoggerFactory.getLogger(JamesAppSpringMain.class.getName());
     private JamesServerApplicationContext context;
 
     public static void main(String[] args) throws Exception {
+        unregisterLog4JMBeans();
 
         long start = Calendar.getInstance().getTimeInMillis();
 
@@ -47,6 +57,16 @@ public class JamesAppSpringMain implements Daemon {
 
     }
 
+    private static void unregisterLog4JMBeans() {
+        if (System.getProperty("james.jmx.unregister.log4j.mbeans", "true").equals("true")) {
+            MBeanServer platformMBeanServer = ManagementFactory.getPlatformMBeanServer();
+            platformMBeanServer.queryMBeans(ALL_OBJECT_NAME, ALL_QUERY_EXP)
+                .stream()
+                .filter(objectInstance -> objectInstance.getClassName().startsWith("org.apache.logging.log4j"))
+                .forEach(Throwing.consumer(objectInstance -> platformMBeanServer.unregisterMBean(objectInstance.getObjectName())));
+        }
+    }
+
     @Override
     public void destroy() {
     }


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org