no hits if the user has no permissions to read from folder

mergebase / log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Other

638 stars 98 forks source link

no hits if the user has no permissions to read from folder #2

Closed joegoerlich closed 2 years ago

joegoerlich commented 2 years ago

If a user has no permission to read from the specified folder, no hits are displayed. This should either show a warning message or a hint to run log4j-detector as root.

juliusmusseau commented 2 years ago

Good idea !

juliusmusseau commented 2 years ago

It should complain now when files/directories cannot be read (v2021.12.15)