h4xr commented on issue #4181: URL: https://github.com/apache/logging-log4j2/issues/4181#issuecomment-4954106435
@ppkarwasz as discussed over the security list, opening an issue here. I think we can have 2 fixes for this: - RoutingAppender: We can introduce an option `maxRoutes` configuration in the RoutingAppender which can be enabled by consumers on need basis. This can help with unbounded growth of file descriptors open at a given moment. This will ensure, for a high cardinality key, the system is not at risk of running out of file descriptors. - IdlePurgePolicy: While it allows to automatically cleanup appenders which are not in use for a while, having a high cardinality key in a high throughput system can mean, the mitigation may not be enough. We can add a note in the log4j documentation about the same so the users are aware about configuring RoutingAppender with IdlePurgePolicy with keys that are user controlled or high cardinality. If the designs make sense, I will be happy to contribute the improvements -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
