Home » Java » Core Java » Preventing System.exit calls

About Raji Sankar

Preventing System.exit calls

When developing containers that run code written by other developers it is prudent to safe-guard against System.exit calls. If a developer inadvertently calls System.exit and deploys their code to be run by your container, it brings down the container process completely. This can be controlled using the checkExit function call in SecurityManager.

According to the reference for SecurityManager checkExit:

This method is invoked for the current security manager by the exit method of class Runtime. A status of 0 indicates success; other values indicate various errors.

Thus any call to exit invokes this method and we just have to throw an exception if we do not want the processing to continue further. We define our SecurityManager as below:

public class StopExitSecurityManager extends SecurityManager
        private SecurityManager _prevMgr = System.getSecurityManager();

        public void checkPermission(Permission perm)

        public void checkExit(int status)
            throw new ExitTrappedException(); //This throws an exception if an exit is called.

        public SecurityManager getPreviousMgr() { return _prevMgr; }

Now, we can provide a ease of use CodeControl class as below:

public class CodeControl
    public CodeControl()

    public void disableSystemExit()
        SecurityManager securityManager = new StopExitSecurityManager();
        System.setSecurityManager(securityManager) ;
    }    public void enableSystemExit()
        SecurityManager mgr = System.getSecurityManager();
        if ((mgr != null) && (mgr instanceof StopExitSecurityManager))
            StopExitSecurityManager smgr = (StopExitSecurityManager)mgr;

CodeControl can now be used as below:

CodeControl control = new CodeControl();
    //invoke the methods and other classes that are not allowed to call System.exit.
    Object ret = invokeExecute(_method, runWith, parms);
    //finally enable exit

This will prevent the methods called within the disable and enable calls to call System.exit, but allow your code to call it without a problem.

Reference: Preventing System.exit calls from our JCG partner Raji Sankar at the Reflections blog.

Do you want to know how to develop your skillset to become a Java Rockstar?

Subscribe to our newsletter to start Rocking right now!

To get you started we give you our best selling eBooks for FREE!

1. JPA Mini Book

2. JVM Troubleshooting Guide

3. JUnit Tutorial for Unit Testing

4. Java Annotations Tutorial

5. Java Interview Questions

6. Spring Interview Questions

7. Android UI Design

and many more ....



  1. What is ExitTrappedException? where is it defined? Is it imported?

  2. Raji,

    your StopExitSecurityManager class has a checkPermission method which grants *everything*.

    It would be safer to delegate to the previous manager to deal with non-exit permissions and deny exit directly.
    A separate checkExit method is not needed.

    public void checkPermission(Permission perm) {
    final String EXIT_PERMISSION = “exitVM”;
    if (perm instanceof RuntimePermission) {
    if (perm.getName().startsWith(EXIT_PERMISSION)) {
    // An exit permission is always denied.
    throw new StopExitException();
    if (_prevMgr != null) {
    // Any other permission is checked by previous manger.

Leave a Reply

Your email address will not be published. Required fields are marked *


Want to take your Java Skills to the next level?
Grab our programming books for FREE!
  • Save time by leveraging our field-tested solutions to common problems.
  • The books cover a wide range of topics, from JPA and JUnit, to JMeter and Android.
  • Each book comes as a standalone guide (with source code provided), so that you use it as reference.
Last Step ...

Where should we send the free eBooks?

Good Work!
To download the books, please verify your email address by following the instructions found on the email we just sent you.