Interface Executor

  • All Known Implementing Classes:
    DefaultExecutor

    public interface Executor
    The Executor interface is used to run an OS command with reduced security risk.

    Implementations should do as much as possible to minimize the risk of injection into either the command or parameters. In addition, implementations should time out after a specified time period in order to help prevent denial of service attacks.

    Implementations should also perform logging and error handling, generating an ExecutorException with all the necessary information when an error occurs.

    The reference implementation does all of the above.

    Since:
    June 1, 2007
    Author:
    Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
    • Method Summary

      Modifier and Type Method Description
      ExecuteResult executeSystemCommand(java.io.File executable, java.util.List params)
      Invokes the specified executable with the default working directory and codec, without logging parameters.
      ExecuteResult executeSystemCommand(java.io.File executable, java.util.List params, java.io.File workdir, Codec codec, boolean logParams, boolean redirectErrorStream)
      Executes a system command after checking that the executable exists and escaping all the parameters to ensure that injection is impossible.
    • Method Detail

      • executeSystemCommand

        ExecuteResult executeSystemCommand(java.io.File executable,
                                           java.util.List params)
                                    throws ExecutorException
        Invokes the specified executable with the default working directory and codec, without logging parameters.
        Parameters:
        executable - the command to execute
        params - the parameters of the command being executed
        Throws:
        ExecutorException
      • executeSystemCommand

        ExecuteResult executeSystemCommand(java.io.File executable,
                                           java.util.List params,
                                           java.io.File workdir,
                                           Codec codec,
                                           boolean logParams,
                                           boolean redirectErrorStream)
                                    throws ExecutorException
        Executes a system command after checking that the executable exists and escaping all the parameters to ensure that injection is impossible. Implementations must change to the specified working directory before invoking the command.
        Parameters:
        executable - the command to execute
        params - the parameters of the command being executed
        workdir - the working directory
        codec - the codec to use to encode for the particular OS in use
        logParams - use false if any parameter contains sensitive or confidential information
        Returns:
        the output of the command being run
        Throws:
        ExecutorException - the service exception
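
The sketch below is an added example, not ESAPI's DefaultExecutor or any other project code, showing the properties the interface asks of an implementation using only the JDK: an executable check, a working directory, a timeout, and logging that can omit parameters. It passes parameters as an argument vector with no shell, rather than escaping them with a Codec as the interface describes. The names SafeExec, ALLOWED_DIR and TIMEOUT_SECONDS, the /bin allow-list and the sample parameters are assumptions made for the illustration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;

// Added illustration, not ESAPI code. SafeExec, ALLOWED_DIR and TIMEOUT_SECONDS are hypothetical.
public class SafeExec {
    private static final Logger LOG = Logger.getLogger("SafeExec");
    static final File ALLOWED_DIR = new File("/bin");  // assumption: executables must live here
    static final long TIMEOUT_SECONDS = 5;              // assumption: limit set by policy

    static String run(File executable, List<String> params, File workdir,
                      boolean logParams, boolean redirectErrorStream)
            throws IOException, InterruptedException {
        // Canonicalize first so symlinks and ".." cannot step outside the allowed directory.
        File exe = executable.getCanonicalFile();
        if (!exe.isFile() || !exe.toPath().startsWith(ALLOWED_DIR.getCanonicalFile().toPath())) {
            throw new IOException("Executable not permitted: " + executable);
        }
        List<String> argv = new ArrayList<>();
        argv.add(exe.getPath());
        argv.addAll(params);  // one list element = one argv entry; no shell ever parses it
        LOG.info("Executing " + exe + (logParams ? " " + params : " [parameters not logged]"));
        File out = File.createTempFile("exec", ".out");  // file, not pipe: a full pipe cannot stall us
        try {
            ProcessBuilder pb = new ProcessBuilder(argv).directory(workdir)
                    .redirectErrorStream(redirectErrorStream).redirectOutput(out);
            if (!redirectErrorStream) pb.redirectError(ProcessBuilder.Redirect.DISCARD);  // Java 9+
            Process p = pb.start();
            if (!p.waitFor(TIMEOUT_SECONDS, TimeUnit.SECONDS)) {
                p.destroyForcibly();  // bound the run time so a hung command cannot tie up the caller
                throw new IOException("Timed out after " + TIMEOUT_SECONDS + "s: " + exe);
            }
            return new String(Files.readAllBytes(out.toPath()), StandardCharsets.UTF_8);
        } finally {
            out.delete();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: the metacharacters arrive at echo as literal text, one argument each.
        List<String> params = List.of("report.txt; id", "$(whoami)");
        System.out.print(run(new File("/bin/echo"), params, new File("/tmp"), false, true));
    }
}
```

Avoiding the shell stops metacharacters from being interpreted, but a parameter that begins with `-` can still be read as an option by the target program, so parameters need validating against what that program accepts.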