...
Failing to limit field accessibility can defeat encapsulation, allow attackers to manipulate fields to violate class invariants, or allow these fields to be corrupted as the result of concurrent accesses from multiple threads.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level
---|---|---|---|---|---
OBJ01-J | Medium | Likely | Medium | P12 | L1
Automated Detection
Detection of public and protected fields is trivial; heuristic detection of the presence or absence of accessor methods is straightforward. However, simply reporting all detected cases without suppressing those cases covered by the exceptions to this rule would produce excessive false positives. Sound detection and application of the exceptions to this rule is infeasible; however, heuristic techniques may be useful.
Tool | Version | Checker | Description
---|---|---|---
SonarQube | | S2386 | Mutable fields should not be "public static". Implemented for public static array, Collection, Date, and awt.Point members.
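The pattern S2386 flags, beside the wrapper-method fix that MUTABLE-8 describes, as an added example that is not code from this page; the host names are constructed sample values:

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;

// Noncompliant: `final` only freezes the reference. The array object behind
// it stays mutable, so any code in the same JVM can rewrite the allow-list
// that every other caller trusts (this is exactly what S2386 flags).
class ExposedConfig {
    public static final String[] ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"};
}

// Compliant: the state is private and immutable, exposed only through a
// read-only view, with a wrapper method around the one permitted query.
final class GuardedConfig {
    private static final List<String> ALLOWED_HOSTS = Collections.unmodifiableList(
            Arrays.asList("api.example.com", "cdn.example.com"));

    private GuardedConfig() {}

    // Callers can read but not modify: the view rejects writes.
    public static List<String> allowedHosts() {
        return ALLOWED_HOSTS;
    }

    public static boolean isAllowed(String host) {
        return ALLOWED_HOSTS.contains(host);
    }
}

public class FieldAccessibilityDemo {
    public static void main(String[] args) {
        // Any caller can silently corrupt the shared public array...
        ExposedConfig.ALLOWED_HOSTS[0] = "other.example";
        System.out.println("exposed: " + Arrays.toString(ExposedConfig.ALLOWED_HOSTS));

        // ...while the guarded version fails closed at the point of misuse.
        try {
            GuardedConfig.allowedHosts().set(0, "other.example");
        } catch (UnsupportedOperationException e) {
            System.out.println("guarded: write rejected, allow-list intact");
        }
        System.out.println("guarded: " + GuardedConfig.allowedHosts()
                + ", api allowed=" + GuardedConfig.isAllowed("api.example.com"));
    }
}
```

The same reasoning applies to a public static Date or Collection: an unmodifiable view or a defensive copy returned from an accessor is what keeps the class invariant under the caller's control, not the `final` keyword.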
Related Guidelines
- CWE-766, Critical Variable Declared Public
- Guideline 6-8 / MUTABLE-8: Define wrapper methods around modifiable internal state
Bibliography
- Item 13, "Minimize the Accessibility of Classes and Members"
- [Conventions 2009]
- Chapter 6, "Interfaces and Inner Classes"
- [JLS 2015]
- Section 2.2, "Public Fields"
- Class Properties for Security Review in an Object-Capability Subset of Java
...