Comment: Not specific to Java, so removed '-J' from end of rule

(THIS CODING RULE OR GUIDELINE IS UNDER CONSTRUCTION)

Information that is cached may become accessible to other applications, and certainly becomes accessible if the device is found or stolen by a third party.

...

[This rule may require four or five NCCE/CS pairs.]

Noncompliant Code Example

This noncompliant code example shows an application that caches sensitive information.

...

Another application could access the cache, thereby revealing the sensitive information.

Compliant Solution

In this compliant solution, the sensitive information is not cached.

TBD
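
One way the rule can be applied, shown as an added example that is not the guideline's own code. It assumes the sensitive data is an HTTPS response fetched with `HttpURLConnection`; the class, method and file names are hypothetical.

```java
import android.content.Context;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Arrays;

// Hypothetical class, method and file names (assumptions for illustration).
public final class StatementFetcher {
    // Noncompliant: the response is written to the external cache directory,
    // where it outlives the session and sits outside the app's private storage.
    static File fetchAndCache(Context ctx, URL url) throws IOException {
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        File out = new File(ctx.getExternalCacheDir(), "statement.json");
        try (InputStream in = conn.getInputStream();
             FileOutputStream fos = new FileOutputStream(out)) {
            byte[] chunk = new byte[4096];
            for (int n; (n = in.read(chunk)) != -1; ) {
                fos.write(chunk, 0, n);
            }
        } finally {
            conn.disconnect();
        }
        return out;
    }

    // Compliant: no file is written, the HTTP response cache is bypassed,
    // and every intermediate buffer is zeroed. The caller wipes the result.
    static byte[] fetchInMemory(URL url) throws IOException {
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setUseCaches(false); // skip any installed HttpResponseCache
        conn.setRequestProperty("Cache-Control", "no-store");
        byte[] data = new byte[4096];
        int len = 0;
        try (InputStream in = conn.getInputStream()) {
            for (int n; (n = in.read(data, len, data.length - len)) != -1; ) {
                len += n;
                if (len == data.length) { // grow, wiping the old buffer
                    byte[] bigger = Arrays.copyOf(data, data.length * 2);
                    Arrays.fill(data, (byte) 0);
                    data = bigger;
                }
            }
            return Arrays.copyOf(data, len);
        } finally {
            Arrays.fill(data, (byte) 0);
            conn.disconnect();
        }
    }
}
```

The caller of `fetchInMemory` should call `Arrays.fill(result, (byte) 0)` as soon as the data has been displayed or processed.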

Risk Assessment

Caching sensitive information may result in the information becoming accessible.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| DRD22-J | Medium | Probable | High | P4 | L3 |

Automated Detection

It is not possible to automatically detect all situations when sensitive information may be cached.

Bibliography