GitHub user rgoers added a comment to the discussion: log4j-script: what about security?
Log4j 3.0 has made more of an effort to separate various components. In addition to the properties mentioned above, in and environment that does not want scripting should not include the log4j-script jar in the application. GitHub link: https://github.com/apache/logging-log4j2/discussions/3894#discussioncomment-14979965 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
