[
https://issues.apache.org/jira/browse/HBASE-26160?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17394044#comment-17394044
]
Hudson commented on HBASE-26160:
--------------------------------
Results for branch master
[build #360 on
builds.a.o|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/master/360/]:
(x) *{color:red}-1 overall{color}*
----
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/master/360/General_20Nightly_20Build_20Report/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/master/360/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/]
(/) {color:green}+1 jdk11 hadoop3 checks{color}
-- For more information [see jdk11
report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/master/360/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> Configurable disallowlist for live editing of loglevels
> -------------------------------------------------------
>
> Key: HBASE-26160
> URL: https://issues.apache.org/jira/browse/HBASE-26160
> Project: HBase
> Issue Type: Improvement
> Reporter: Bryan Beaudreault
> Assignee: Bryan Beaudreault
> Priority: Minor
> Fix For: 2.5.0, 3.0.0-alpha-2, 2.4.6
>
>
> We currently use log4j/slf4j for audit logging in AccessController. This is
> convenient but presents a security/compliance risk because we allow
> live-editing of logLevels via the UI. One can simply set the logger to OFF
> and then perform actions un-audited.
> We should add a configuration for setting certain log levels to read-only
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
