...
In fact, relying on environment variables is more than a simple portability issue. An attacker can essentially control all environment variables that enter a program, using a mechanism such as the java.lang.ProcessBuilder class.
ThereforeConsequently, if an environment variable contains information that is available by other means, including system properties, that environment variable must not be used.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="dc0f43b47e1ffdb3-53b8cbc0-493a471c-bedaa8e6-bcf38f85fe99aefc451f7558"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b836a7973ce0efdc-c22fa1f8-42d64dba-8a44a69b-b153363b33e155a24c4ab007"><ac:plain-text-body><![CDATA[ | [[Campione 1996 | AA. Bibliography#Campione 96]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
...