GitHub user rgoers edited a comment on the discussion: log4j-script: what about security?
Log4j 3.0 has made more of an effort to separate various components. In addition to the properties mentioned above, in an environment that does not want scripting should not include the log4j-script jar in the application. GitHub link: https://github.com/apache/logging-log4j2/discussions/3894#discussioncomment-14979965 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
