[ https://issues.apache.org/jira/browse/LOG4J2-1035?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14581271#comment-14581271 ]

Gary Gregory commented on LOG4J2-1035:
--------------------------------------

I'm not sure we need yet another system property to fix this.

In your use case, Java throws an exception for {{access denied ("java.lang.RuntimePermission" "getClassLoader")}}.

In the LoaderUtil class static init, we already check if this permission is set 
like this:

{code:java}
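    static {
        if (SECURITY_MANAGER != null) {
            boolean getClassLoaderDisabled;
            try {
                // Probe once, at class load, whether getClassLoader is permitted.
                SECURITY_MANAGER.checkPermission(new RuntimePermission("getClassLoader"));
                getClassLoaderDisabled = false;
            } catch (final SecurityException ignored) {
                // Permission denied: remember it so later code can avoid the call.
                getClassLoaderDisabled = true;
            }
            GET_CLASS_LOADER_DISABLED = getClassLoaderDisabled;
        } else {
            // No security manager installed, so nothing is restricted.
            GET_CLASS_LOADER_DISABLED = false;
        }
    }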
{code}

So we know by the time we are in {{org.apache.logging.log4j.util.LoaderUtil.findUrlResources(LoaderUtil.java:192)}} if the call to {{java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1525)}} will fail.

Can you try this instead: 
{noformat}
diff --git 
a/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java 
b/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java
index 277f0f4..8f68500 100644
--- a/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java
+++ b/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java
@@ -94,7 +94,7 @@
                 return cl;
             }
             final ClassLoader ccl = LoaderUtil.class.getClassLoader();
-            return ccl == null ? ClassLoader.getSystemClassLoader() : ccl;
+            return ccl == null && !GET_CLASS_LOADER_DISABLED ? 
ClassLoader.getSystemClassLoader() : ccl;
         }
     }
 
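Review bot: In the changed return line, the method now returns null when `ccl` is null and `GET_CLASS_LOADER_DISABLED` is true, so that case should be documented on the method and every caller needs to tolerate a null loader. Parenthesizing the condition as `(ccl == null && !GET_CLASS_LOADER_DISABLED) ? ... : ccl` would also make the intended precedence explicit to readers.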
@@ -192,7 +192,7 @@
         final ClassLoader[] candidates = {
             getThreadContextClassLoader(),
             LoaderUtil.class.getClassLoader(),
-            ClassLoader.getSystemClassLoader()
+            GET_CLASS_LOADER_DISABLED ? null : 
ClassLoader.getSystemClassLoader()
         };
         final Collection<UrlResource> resources = new LinkedHashSet<>();
         for (final ClassLoader cl : candidates) {
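Review bot: The third element of `candidates` becomes `null` when `GET_CLASS_LOADER_DISABLED` is true, so the `for (final ClassLoader cl : candidates)` loop must skip null entries; its body is not visible in this hunk, so please confirm there is a `cl != null` guard before `cl` is dereferenced. Building the array without the entry when the flag is set would avoid relying on that guard.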
{noformat}

Thank you,
Gary

> Log4j2 tries to SystemClassLoader when running on Google AppEngine
> ------------------------------------------------------------------
>
>                 Key: LOG4J2-1035
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-1035
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Configurators
>    Affects Versions: 2.3
>         Environment: Google AppEngine
>            Reporter: Lukasz Lenart
>         Attachments: scl.patch
>
>
> Apache Struts recently switched to Log4j2 as a base logging layer and this 
> broke deployments to Google AppEngine, below is the exception:
> {noformat}
> Uncaught exception from servlet
> java.lang.ExceptionInInitializerError
>       at org.apache.logging.log4j.status.StatusLogger.<clinit>(StatusLogger.java:55)
>       at org.apache.logging.log4j.LogManager.<clinit>(LogManager.java:56)
>       at org.apache.struts2.tiles.StrutsTilesListener.<clinit>(StrutsTilesListener.java:50)
>       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
>       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
>       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>       at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
>       at java.lang.Class.newInstance(Class.java:375)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.newListenerInstance(WebXmlConfiguration.java:650)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.initListener(WebXmlConfiguration.java:631)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.initWebXmlElement(WebXmlConfiguration.java:368)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.initialize(WebXmlConfiguration.java:289)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.configure(WebXmlConfiguration.java:222)
>       at org.mortbay.jetty.webapp.WebXmlConfiguration.configureWebApp(WebXmlConfiguration.java:180)
>       at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1247)
>       at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
>       at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467)
>       at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
>       at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.createHandler(AppVersionHandlerMap.java:199)
>       at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.getHandler(AppVersionHandlerMap.java:174)
>       at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:134)
>       at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:527)
>       at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:437)
>       at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:444)
>       at com.google.tracing.CurrentContext.runInContext(CurrentContext.java:230)
>       at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:308)
>       at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:300)
>       at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:441)
>       at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:251)
>       at java.lang.Thread.run(Thread.java:745)
> Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader")
>       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:382)
>       at java.security.AccessController.checkPermission(AccessController.java:572)
>       at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>       at com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:56)
>       at java.lang.ClassLoader.checkClassLoaderPermission(ClassLoader.java:1606)
>       at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1525)
>       at org.apache.logging.log4j.util.LoaderUtil.findUrlResources(LoaderUtil.java:192)
>       at org.apache.logging.log4j.util.LoaderUtil.findResources(LoaderUtil.java:183)
>       at org.apache.logging.log4j.util.PropertiesUtil.<init>(PropertiesUtil.java:90)
>       at org.apache.logging.log4j.util.PropertiesUtil.<clinit>(PropertiesUtil.java:36)
>       ... 30 more
> {noformat}
> Looks like it tries to read a file from the filesystem, which is prohibited.


