org.owasp.esapi
Class Executor
java.lang.Object
org.owasp.esapi.Executor
- All Implemented Interfaces:
- IExecutor
- public class Executor
- extends java.lang.Object
- implements IExecutor
Reference implementation of the Executor interface. This implementation is very restrictive. Commands must exactly
equal the canonical path to an executable on the system. Valid characters for parameters are alphanumeric,
forward-slash, and dash.
- Since:
- June 1, 2007
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
- See Also:
IExecutor
|
Method Summary |
java.lang.String |
executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
int timeoutSeconds)
Executes a system command after checking that the executable exists and
that the parameters have not been subject to injection with untrusted
user data. |
| Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Executor
public Executor()
executeSystemCommand
public java.lang.String executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
int timeoutSeconds)
throws ExecutorException
- Description copied from interface:
IExecutor
- Executes a system command after checking that the executable exists and
that the parameters have not been subject to injection with untrusted
user data. Implementations shall change to the specified working
directory before invoking the command. Also, processes should be
interrupted after the specified timeout period has elapsed.
- Specified by:
executeSystemCommand in interface IExecutor
- Parameters:
params - the paramsworkdir - the workdirtimeoutSeconds - the timeout seconds
- Returns:
- the string
- Throws:
ExecutorException - the service exception