question

yun avatar image
yun asked Erick Ramirez edited

Can we safely remove log4j-1.2.17.jar from spark/client-lib/ if we haven't enabled Analytics in DSE?

Hello,

We found log4j-1.2.17.jar under path /usr/share/dse/spark/client-lib/, which has multiple vulnerabilities.

Since we didn't enable spark, could we safely remove this jar file?

# Start the node in Spark mode
SPARK_ENABLED=0

Thanks

dse
10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

jaroslaw.grabowski_50515 avatar image
jaroslaw.grabowski_50515 answered

Yes, it can be safely removed in that case.

Share
10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.