security/bastillion: fix log4j vulnerablity
Disable format msg lookup via shell variable on startup.
Security: CVE-2021-44228