Joe
Reputation: 385
How to avoid Java system properties on command line?
I have a Java program and it uses user.home system property to get user home directory.
This program should not allow user.home property on command line. If user pass wrong directory from command line for user.home (java -Duser.home) then my program will have security hole.
So how can I restrict user.home from command line and it should uses only through program?
Upvotes: 0
Views: 357
Answers (1)
Charles Duffy
Reputation: 295373
It is not possible to guarantee that user.home is set correctly.
user.home is initialized from the $HOME environment variable if it isn't passed directly to the JVM.
It isn't possible to prevent a user from modifying their own environment.
Upvotes: 3
Related Questions
- Reading Java system properties from command line
- Set multiple system properties Java command line
- How to set a java system property so that it is effective whenever I start JVM without adding it to the command line arguments
- Java command line to specify system properties file
- Java setting system property using command line
- Can command-line set Java system properties be distinguished from the defaults?
- Setting Java system properties without putting the values on the command line
- How to override the properties file value through command line arguments?
- system properties passed in tomcat command line in java
- Nested system properties in Java command line