Hello, As noticed by Boris Unckel in LOG4J2-3579[1], there are some issues when running Log4j2 under a SecurityManager, both from the `ServiceLoader` and `PropertiesUtil` perspective.
>From the `PropertiesUtil` perspective: * version 2.17.2 (cr. [2]) ignored all property sources that caused an `AccessControllerException` (actually it probably ignored all property sources from the classloader that caused the exception). This behavior was introduced as a fix to LOG4J2-2266 [3]. * the `ServiceLoaderUtil` I backported from `master` to 2.18.0 catches `ServiceLoaderException`s on a per-property source basis, but it does not catch `AccessControllerException`s which can cause global failures, as the one described by Boris. I am wondering what is the best course of action in this case: 1. We can keep silently ignoring all exceptions thrown by the `ServiceLoader` and the iterators it produces, 2. We can introduce some `AccessController#doPrivileged` calls in the right places (cf. the PRs [4] and [5] by Boris). I would prefer the second solution, but it requires adding security checks to all the available property sources. The environment and system properties sources are protected by internal Java security checks, but the `log4j2.component.properties` and Spring property sources are available for everyone to read. Some malicious code could for example call `PropertiesUtil.getProperty("log4j2.keyStorePassword")`. What do you think? Piotr [1] https://issues.apache.org/jira/browse/LOG4J2-3579 [2] https://github.com/apache/logging-log4j2/blob/c33646f61850619c756797122f4fc4c53f7013f1/log4j-api/src/main/java/org/apache/logging/log4j/util/PropertiesUtil.java#L437 [3] https://issues.apache.org/jira/browse/LOG4J2-2266 [4] https://github.com/apache/logging-log4j2/pull/1006 [5] https://github.com/apache/logging-log4j2/pull/1007