[
https://issues.apache.org/jira/browse/LOG4J2-3417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498835#comment-17498835
]
Gary D. Gregory edited comment on LOG4J2-3417 at 2/28/22, 10:47 AM:
--------------------------------------------------------------------
Excellent. As long as we do reuse Log4j 2's appender code, we will avoid the
risk of SQL injection.
was (Author: garydgregory):
Excellent. As long as we do reuse Log4j 2's runtime, we will avoid the risk of
SQL injection.
> Create JDBC appender for compatibility with v1
> ----------------------------------------------
>
> Key: LOG4J2-3417
> URL: https://issues.apache.org/jira/browse/LOG4J2-3417
> Project: Log4j 2
> Issue Type: New Feature
> Components: Appenders, Log4j 1.2 bridge
> Reporter: Matt Sicker
> Priority: Major
>
> Log4j 1 had a JDBC appender which made it fairly simple to set up an appender
> to a database. While the old version doesn't work properly with modern
> security practices, it shouldn't be too hard to parse the configured SQL
> statement for pattern layout keys and extract them into a parameterized query.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
