You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Paul Burrowes (Jira)" <ji...@apache.org> on 2021/07/02 03:23:00 UTC
[jira] [Created] (LOG4J2-3117) Log rollover throws
AccessControlException if called from an unprivileged context
Paul Burrowes created LOG4J2-3117:
-------------------------------------
Summary: Log rollover throws AccessControlException if called from an unprivileged context
Key: LOG4J2-3117
URL: https://issues.apache.org/jira/browse/LOG4J2-3117
Project: Log4j 2
Issue Type: Bug
Reporter: Paul Burrowes
Similar to LOG4J2-150. When using a security manager, logging from an unprivileged context can attempt to access system properties directly. It is likely, though not yet tested that other privileged actions such as creating files during rollover will also fail. I believe rollover should be performed inside a {{doPrivileged}} block.
{code:java}
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "user.dir" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1294)
at java.lang.System.getProperty(System.java:717)
at java.io.UnixFileSystem.resolve(UnixFileSystem.java:133)
at java.io.File.getAbsolutePath(File.java:556)
at org.apache.logging.log4j.core.appender.rolling.action.FileRenameAction.execute(FileRenameAction.java:161)
at org.apache.logging.log4j.core.appender.rolling.action.FileRenameAction.execute(FileRenameAction.java:66)
at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:369)
at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:278)
at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.checkRollover(RollingFileManager.java:218)
at org.apache.logging.log4j.core.appender.RollingFileAppender.append(RollingFileAppender.java:267)
at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:156)
at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:129)
at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:120)
at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:84)
at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:448)
at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:433)
at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:417)
at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:403)
at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:63)
at org.apache.logging.log4j.core.Logger.logMessage(Logger.java:146)
at org.apache.log4j.Category.maybeLog(Category.java:452)
at org.apache.log4j.Category.info(Category.java:262)
at MySipServlet.sendInviteToMediaServer(MySipServlet.java:614)
at MySipServlet.doInvite(MySipServlet.java:119)
at javax.servlet.sip.SipServlet.doRequest(Unknown Source)
at MySipServlet.doRequest(MySipServlet.java:768)
at javax.servlet.sip.SipServlet.service(Unknown Source)
at MyServletHandler$2.call(MyServletHandler.java:344)
at MyServletHandler$2.call(MyServletHandler.java:341)
at MyEventHandler.doInvocation(MyEventHandler:182)
at MyEventHandler.deliverEvent(MyEventHandler:154)
at MyEventHandler.processEvent(MyEventHandler:98)
at MyEventRouter.run(MyEventRouter:100)
at MyContextLogger$1.run(MyContextLogger:24)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at MyExecutorThreadFactory$1$1.run(MyExecutorThreadFactory:458)
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)