...
| Code Block |
|---|
public class TowerOfLondon {
private Treasure theCrownJewels;
...
}
public class GarageSale {
public Treasure myCostumeJewerlymyCostumeJewelry;
...
}
|
| Wiki Markup |
|---|
If these two types could be confused, it would be possible to access the private field {{theCrownJewels}} as if it were the public field {{myCostumeJewerlymyCostumeJewelry}}. More generally, a _type confusion attack_ could allow Java security to be compromised by making the internals of the security manager open to abuse. A team of researchers at Princeton University showed that any type confusion in Java could be used to completely overcome Javaâs security mechanisms (see Securing Java Ch. 5, Sec. 7 \[[McGraw 1999|AA. Bibliography#McGraw 1999]\]). |
...