Index | Prev | Next

Runtime.exec()

The ability to call external executables is extremely useful in certain situations, however the use of Runtime.exec() can allow potentially malicious code to be executed. As such, several restrictions are placed on it to help protect your system.

Only station super users can add and edit Program objects. In NiagaraAX, there was a flag/entry to change this behavior in system.properties. In Niagara 4, this ability has been removed.

Program objects can no longer directly call Runtime.getRuntime().exec(command). Instead, a wrapper called ProgramRuntime behaves the same way as java.lang.Runtime, except that it takes the Program object as an additional parameter. Commands executed by ProgramRuntime are logged and audited.

Additionally, to enable the use of ProgramRuntime, the hidden slot allowProgramRuntimeExec on the station’s ProgramService must be set to true.

 NOTE: Only standalone Program objects can use ProgramRuntime.exec(). Program objects that have been compiled into Program Modules cannot call this function. 

An example of this in Program code is below

NiagaraAX Program object: 

Runtime.getRuntime().exec(“notepad.exe”);

Niagara 4 Program object: 

ProgramRuntime.getRuntime().exec(this, “notepad.exe”);

Related Links

  • Security Manager (Parent Topic)

    • Index | Prev | Next