[jira] [Commented] (LOG4J2-1699) Configurable Log File Permissions with PosixFilePermission

Fri, 23 Jun 2017 23:31:02 -0700 

    [ 
https://issues.apache.org/jira/browse/LOG4J2-1699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16061825#comment-16061825
 ] 

Pierrick HYMBERT commented on LOG4J2-1699:
------------------------------------------

I think the goal is reached with this first version, then we should wait users 
feedback if it matches requirements.

Also before to freeze this new API, I would like to have feedback from the 
log4j team about following point:

# Is XML Configuration tag should be shortenen, filePermissions=>perm, 
fileOwner=>usr, fileGroup=>grp, PosixViewAttribute=>PosixAttr ?
# It is not clear what to do if posix attribute view are defined and the 
underlying files system does not support it ?
# Should we catch UnsupportedOperationException and OperationNotPermitted 
exception ?
# In 
org.apache.logging.log4j.core.appender.rolling.DirectWriteRolloverStrategy.rollover(RollingFileManager),
 I apply again file attribute, I think it is wrong because file is the same as 
the current file name, please confirm
# Should we imagine now an entry point for other FileAttributeView types: 
AclFileAttributeView, DosFileAttributeView ? 

> Configurable Log File Permissions with PosixFilePermission
> ----------------------------------------------------------
>
>                 Key: LOG4J2-1699
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-1699
>             Project: Log4j 2
>          Issue Type: Question
>          Components: Appenders
>         Environment: Linux
>            Reporter: Demetrios Dimatos
>            Priority: Critical
>              Labels: features
>             Fix For: 2.9
>
>         Attachments: LOG4J2-1699-2.patch, LOG4J2-1699.patch
>
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> We would like to hear the communities thoughts on being able to configure the 
> permissions log files are created with. We don't want to rely on UMASK 
> because we have managed services who's process should generate logs with a 
> 644 yet deployed applications by users should default to a 640 because the 
> logs may contain sensitive information.
> We will make the modification and set this in the properties file. Now we are 
> looking to see what the community position would be on accepting such a 
> patch, we don't want to be patching our own distribution indefinitely. 
> I searched all the JIRAs and was not able to find any matching requirements 
> recently. All I could find was something dated in 2006: 
> https://bz.apache.org/bugzilla/show_bug.cgi?id=40407



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to