PORT.EXEC

Do not use `Runtime.exec()'

Description

This rule flags any occurrence of `Runtime.exec()'.

Calling the `Runtime.exec()' method to spawn a process and execute an external command may not be portable because there is no guarantee that the native OS command will behave consistently on different platforms.

Example

 package PORT;
 import java.io.IOException;
 
 public class EXEC {
     public void method(String command) {
         try {
             Runtime.getRuntime().exec(command);      
 // violation, not portable
         } catch (IOException io) {
         }
     }
 }

Reference

Flanagan, David. Java in a Nutshell. O'Reilly, 1999, pp.190-192.