This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "J2EE Bad Practices: System.exit()"
From OWASP
Weilin Zhong (talk | contribs) |
Weilin Zhong (talk | contribs) |
||
Line 1: | Line 1: | ||
+ | {{Template:Vulnerability}} | ||
{{Template:Fortify}} | {{Template:Fortify}} | ||
− | |||
==Abstract== | ==Abstract== |
Revision as of 16:48, 19 July 2006
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
Abstract
A web application should not attempt to shut down its container.
Description
It is never a good idea for a web application to attempt to shut down the application container. A call to System.exit() is probably part of leftover debug code or code imported from a non-J2EE application.