A J2EE application uses System.exit(), which also shuts down its container.
Time of Introduction
Implementation
Applicable Platforms
Languages
Java
Common Consequences
Scope: Availability
Effect: Technical Impact: DoS: crash / exit / restart
Demonstrative Examples
Example 1
Included in the doPost() method defined below is a call to
System.exit() in the event of a specific exception.
(Bad Code) Example Language: Java
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    try {
        ...
    } catch (ApplicationSpecificException ase) {
        logger.error("Caught: " + ase.toString());
        // Bad: terminates the JVM, and with it the container and every application it hosts.
        System.exit(1);
    }
}
Other Notes
Access to a function that can shut down the application is an avenue for
Denial of Service (DoS) attacks. The shutdown function should be a
privileged function available only to a properly authorized administrative
user. Any other possible cause of a shutdown is generally a security
vulnerability. (In rare cases, the intended security policy calls for the
application to halt as a damage control measure when it determines that an
attack is in progress.) Web applications should not call methods that cause
the virtual machine to exit, such as System.exit(). Web applications should
also not throw any Throwables to the application server as this may
adversely affect the container. Non-web applications may have a main()
method that contains a System.exit(), but generally should not call
System.exit() from other locations in the code. It is never a good idea for
a web application to attempt to shut down the application container. A call
to System.exit() is probably part of leftover debug code or code imported
from a non-J2EE application.
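
A corrected counterpart to Example 1, added here as an illustration and not part of the original entry: the handler fails only the current request, never exits the JVM, and does not let an exception reach the container. The class name OrderServlet, the process() helper with its simulateFailure parameter, and the nested exception class are assumptions; the javax.servlet API is expected on the classpath.

```java
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example: OrderServlet, process() and the nested exception are hypothetical names.
public class OrderServlet extends HttpServlet {
    private static final Logger LOGGER = Logger.getLogger(OrderServlet.class.getName());

    /** Stand-in for the ApplicationSpecificException of Example 1 (assumed to be checked). */
    static class ApplicationSpecificException extends Exception {
        ApplicationSpecificException(String message) { super(message); }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            process(request);
            response.setStatus(HttpServletResponse.SC_NO_CONTENT);
        } catch (ApplicationSpecificException ase) {
            // Fail this one request; the JVM and every other deployed application keep running.
            LOGGER.log(Level.SEVERE, "Request failed", ase);
            sendGenericError(response);
        } catch (RuntimeException re) {
            // Unexpected failures are also handled here instead of being thrown to the container.
            LOGGER.log(Level.SEVERE, "Unexpected failure", re);
            sendGenericError(response);
        }
    }

    /** Returns a 500 without exception details; skipped if the response is already committed. */
    private static void sendGenericError(HttpServletResponse response) throws IOException {
        if (!response.isCommitted()) {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

    /** Hypothetical business logic; the simulateFailure parameter is a constructed trigger. */
    private void process(HttpServletRequest request) throws ApplicationSpecificException {
        if ("true".equals(request.getParameter("simulateFailure"))) {
            throw new ApplicationSpecificException("order could not be processed");
        }
    }
}
```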