org.owasp.esapi.reference
Class DefaultExecutor
java.lang.Object
org.owasp.esapi.reference.DefaultExecutor
- All Implemented Interfaces:
- Executor
- public class DefaultExecutor
- extends java.lang.Object
- implements Executor
Reference implementation of the Executor interface. This implementation is very restrictive. Commands must exactly
equal the canonical path to an executable on the system. Valid characters for parameters are alphanumeric,
forward-slash, and dash.
- Since:
- June 1, 2007
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
- See Also:
Executor
|
Method Summary |
java.lang.String |
executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
int timeoutSeconds)
Executes a system command after checking that the executable exists and
that the parameters have not been subject to injection with untrusted
user data. |
| Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DefaultExecutor
public DefaultExecutor()
executeSystemCommand
public java.lang.String executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
int timeoutSeconds)
throws ExecutorException
- Description copied from interface:
Executor
- Executes a system command after checking that the executable exists and
that the parameters have not been subject to injection with untrusted
user data. Implementations shall change to the specified working
directory before invoking the command. Also, processes should be
interrupted after the specified timeout period has elapsed.
- Specified by:
executeSystemCommand in interface Executor
- Parameters:
params - the paramsworkdir - the working directorytimeoutSeconds - the amount of time to allow this process to run
- Returns:
- the string
- Throws:
ExecutorException - the service exception