h4xr commented on issue #4181:
URL: 
https://github.com/apache/logging-log4j2/issues/4181#issuecomment-4954106435

   @ppkarwasz as discussed over the security list, opening an issue here.
   
   I think we can have 2 fixes for this:
   - RoutingAppender: We can introduce an option `maxRoutes` configuration in 
the RoutingAppender which can be enabled by consumers on need basis. This can 
help with unbounded growth of file descriptors open at a given moment. This 
will ensure, for a high cardinality key, the system is not at risk of running 
out of file descriptors.
   - IdlePurgePolicy: While it allows to automatically cleanup appenders which 
are not in use for a while, having a high cardinality key in a high throughput 
system can mean, the mitigation may not be enough. We can add a note in the 
log4j documentation about the same so the users are aware about configuring 
RoutingAppender with IdlePurgePolicy with keys that are user controlled or high 
cardinality.
   
   If the designs make sense, I will be happy to contribute the improvements


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to