Hello,
I am looking for some help with log4j remediation.
Once I run the below remediation script for the identified jar file, how to do I validate it?
zip -q -d path-to-JAR-file org/apache/logging/log4j/core/lookup/JndiLookup.class
Thank you for the link. Yes, I gone through that earlier, but that gives the steps for remediation. I dont see any specific step for validation.
Would you mind to share if you are aware of any validation steps for manual log4j remediation?
For validation, I would rerun the search and if they were zipped, you shouldn't get any results for log4j-core-2.*.jar.
Correction:
The find command will still find those jar files. You want to verify that JndiLookup.class has been removed.
I think you can use something similar to this:
find . -name *.jar | xargs grep JndiLookup.class
Another way would be to spot check one or two jar files, by copying them to a temporary location, run “unzip jarfilename.jar”, and eyeball the extracted folder and see if JndiLookup.class is no longer there.
Is this the only command to issue for UNIX? zip -q -d path-to-JAR-file org/apache/logging/log4j/core/lookup/JndiLookup.class
Also does the path-to-JAR-file include the actual .jar file, for example what's in red (/opt/sas/sashome/SASEnvironmentManagerAgent/2.5/installer/lib/log4j-core-2.11.1.jar)
Thank you.
Available on demand!
Missed SAS Innovate Las Vegas? Watch all the action for free! View the keynotes, general sessions and 22 breakouts on demand.
Select SAS Training centers are offering in-person courses. View upcoming courses for: