Package com.cedarsoftware.util

Class SystemUtilities

java.lang.Object
com.cedarsoftware.util.SystemUtilities
public final class SystemUtilities extends Object
Utility class providing common system-level operations and information gathering capabilities. This class offers static methods for accessing and managing system resources, environment settings, and runtime information.

Security Configuration

SystemUtilities provides configurable security controls to prevent various attack vectors including information disclosure, resource exhaustion, and system manipulation attacks. All security features are disabled by default for backward compatibility.

Security controls can be enabled via system properties:

  • systemutilities.security.enabled=false — Master switch for all security features
  • systemutilities.environment.variable.validation.enabled=false — Block sensitive environment variable access
  • systemutilities.file.system.validation.enabled=false — Validate file system operations
  • systemutilities.resource.limits.enabled=false — Enforce resource usage limits
  • systemutilities.max.shutdown.hooks=100 — Maximum number of shutdown hooks
  • systemutilities.max.temp.prefix.length=100 — Maximum temporary directory prefix length
  • systemutilities.sensitive.variable.patterns=password,secret,key,... — Comma-separated sensitive variable patterns

Security Features

  • Environment Variable Protection: Prevents access to sensitive environment variables (passwords, tokens, etc.)
  • File System Validation: Validates temporary directory prefixes to prevent path traversal attacks
  • Resource Limits: Configurable limits on shutdown hooks and other resources to prevent exhaustion
  • Information Disclosure Prevention: Sanitizes variable names and prevents credential exposure

Usage Example


 // Enable security with custom settings
 System.setProperty("systemutilities.security.enabled", "true");
 System.setProperty("systemutilities.environment.variable.validation.enabled", "true");
 System.setProperty("systemutilities.file.system.validation.enabled", "true");
 System.setProperty("systemutilities.max.shutdown.hooks", "50");

 // These will now enforce security controls
 String var = SystemUtilities.getExternalVariable("NORMAL_VAR"); // works
 String pass = SystemUtilities.getExternalVariable("PASSWORD"); // returns null (filtered)

Key Features:

  • System environment and property access
  • Memory usage monitoring and management
  • Network interface information retrieval
  • Process management and identification
  • Runtime environment analysis
  • Temporary file management

Usage Examples:


 // Get system environment variable with fallback to system property
 String configPath = SystemUtilities.getExternalVariable("CONFIG_PATH");

 // Check available system resources
 int processors = SystemUtilities.getAvailableProcessors();
 MemoryInfo memory = SystemUtilities.getMemoryInfo();

 // Get network configuration
 List<NetworkInfo> networks = SystemUtilities.getNetworkInterfaces();

All methods in this class are thread-safe unless otherwise noted. The class cannot be instantiated and provides only static utility methods.

Author:
John DeRegnaucourt ([email protected])
Copyright (c) Cedar Software LLC

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

License

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
See Also:

  • Field Details

    • OS_NAME

      public static final String OS_NAME

    • JAVA_VERSION

      public static final String JAVA_VERSION

    • USER_HOME

      public static final String USER_HOME

    • TEMP_DIR

      public static final String TEMP_DIR

  • Method Details

    • getExternalVariable

      public static String getExternalVariable(String var)
      Fetch value from environment variable and if not set, then fetch from System properties. If neither available, return null.

      Security Note: This method filters out potentially sensitive variables such as passwords, tokens, and credentials to prevent information disclosure. Use getExternalVariableUnsafe(String) if you need access to sensitive variables and have verified the security requirements.

      Parameters:
      var - String key of variable to return
      Returns:
      variable value or null if not found or filtered for security

    • getExternalVariableUnsafe

      public static String getExternalVariableUnsafe(String var)
      Fetch value from environment variable and if not set, then fetch from System properties, without security filtering.

      Security Warning: This method bypasses security filtering and may return sensitive information such as passwords or tokens. Use with extreme caution and ensure proper access controls are in place.

      Parameters:
      var - String key of variable to return
      Returns:
      variable value or null if not found

    • getAvailableProcessors

      public static int getAvailableProcessors()
      Get available processors, considering Docker container limits

    • getMemoryInfo

      public static SystemUtilities.MemoryInfo getMemoryInfo()
      Get current JVM memory usage information

    • getSystemLoadAverage

      public static double getSystemLoadAverage()
      Get system load average over last minute
      Returns:
      load average or -1.0 if not available

    • isJavaVersionAtLeast

      public static boolean isJavaVersionAtLeast(int major, int minor)
      Check if running on specific Java version or higher

    • currentJdkMajorVersion

      public static int currentJdkMajorVersion()
      Returns:
      current JDK major version

    • getCurrentProcessId

      public static long getCurrentProcessId()
      Get process ID of current JVM
      Returns:
      process ID for the current Java process

    • createTempDirectory

      public static File createTempDirectory(String prefix)
      Create temporary directory that will be deleted on JVM exit.

      Security Note: The prefix parameter is validated to prevent path traversal attacks and ensure safe directory creation.

      Parameters:
      prefix - the prefix for the temporary directory name
      Returns:
      the created temporary directory
      Throws:
      IllegalArgumentException - if the prefix contains invalid characters
      IOException - if the directory cannot be created (thrown as unchecked)

    • getSystemTimeZone

      public static TimeZone getSystemTimeZone()
      Get system timezone, considering various sources

    • hasAvailableMemory

      public static boolean hasAvailableMemory(long requiredBytes)
      Check if enough memory is available

    • getEnvironmentVariables

      public static Map<String,String> getEnvironmentVariables(Predicate<String> filter)
      Get all environment variables with optional filtering and security protection.

      Security Note: This method automatically filters out sensitive variables such as passwords, tokens, and credentials to prevent information disclosure. Use getEnvironmentVariablesUnsafe(Predicate) if you need access to sensitive variables and have verified the security requirements.

      Parameters:
      filter - optional predicate to further filter variables (applied after security filtering)
      Returns:
      map of non-sensitive environment variables

    • getEnvironmentVariablesUnsafe

      public static Map<String,String> getEnvironmentVariablesUnsafe(Predicate<String> filter)
      Get all environment variables with optional filtering, without security protection.

      Security Warning: This method bypasses security filtering and may return sensitive information such as passwords or tokens. Use with extreme caution and ensure proper access controls are in place.

      Parameters:
      filter - optional predicate to filter variables
      Returns:
      map of all environment variables matching the filter

    • getNetworkInterfaces

      public static List<SystemUtilities.NetworkInfo> getNetworkInterfaces()
      Get network interface information

    • addShutdownHook

      public static void addShutdownHook(Runnable hook)
      Add shutdown hook with safe execution and resource limits.

      Security Note: This method enforces a limit on the number of shutdown hooks to prevent resource exhaustion attacks. The current default limit is 100 hooks, configurable via system property.

      Parameters:
      hook - the runnable to execute during shutdown
      Throws:
      IllegalStateException - if the maximum number of shutdown hooks is exceeded
      IllegalArgumentException - if hook is null

    • getShutdownHookCount

      public static int getShutdownHookCount()
      Get the current number of registered shutdown hooks.
      Returns:
      the number of shutdown hooks currently registered