SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 95

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 96

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Certain combinations of permissions can produce significant capability increases , and should not be granted. Other permissions should only be granted to special code.

...

Wiki Markup
The {{ReflectPermission}} permission when granted on the target {{suppressAccessChecks}} suppresses all standard Java language access checks when the permitted class attempts to operate on {{public}}, default, {{protected}}, or {{private}} members of another class. Consequently, the permitted class can obtain permissions to examine any field or invoke any method belonging to an arbitrary class \[[Reflect 2006|AA. Bibliography#Ref 06]\]. Consequently, the {{ReflectPErmission}} permision must never be granted with target {{suppressAccessChecks}}.

Wiki Markup
According to the technical note, _Permissions in the Java SE 6 Development Kit_ \[[Permissions 2008|AA. Bibliography#Permissions 08]\], Section [ReflectPermission|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#ReflectPermission], target {{suppressAccessChecks}}:

...

The permission itself is specified in the security policy file used by the security manager. Program code can obtain a permission object by subclassing the java.security.Permission class or any of its subclasses (BasicPermission, for example, BasicPermission). The code can use the resulting object to grant AllPermission to a ProtectionDomain. This is bad practice.

...

To check whether the caller has the requisite permissions, standard Java APIs use code , such as the following:

Code Block
bgColor#ccccff
// Security manager check
FilePermission perm = new java.io.FilePermission("/tmp/JavaFile", "read");
AccessController.checkPermission(perm);
// ...

...

Related Guidelines

MITRE CWE

CWE ID -732, "Incorrect Permission Assignment for Critical Resource"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f10a42896d3d1ff4-e3c00759-4f58432c-baa39e73-5b7043922ec9a9cd06c4e615"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

[Class AllPermission

http://java.sun.com/javase/6/docs/api/java/security/AllPermission.html], [ReflectPermission

http://java.sun.com/javase/6/docs/api/java/lang/reflect/ReflectPermission.html], [RuntimePermission

http://java.sun.com/javase/6/docs/api/java/lang/reflect/RuntimePermission.html]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2add8430795feffa-2fd6566c-4fa74415-9da6bbb7-c97fdc7f0d0c661a77ed822d"><ac:plain-text-body><![CDATA[

[[Gong 2003

AA. Bibliography#Gong 03]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="befbd68551e61b1d-698d8d5c-4d034e10-81e2ab81-b79646e56a2b2f5df0c5f7d8"><ac:plain-text-body><![CDATA[

[[Long 2005

AA. Bibliography#Long 05]]

Section 2.5, Reflection

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b23ebc2b7bb3f27e-d9a2fd5a-4e5946a5-a5d688aa-306967c5dcb54904d833cb40"><ac:plain-text-body><![CDATA[

[[Permissions 2008

AA. Bibliography#Permissions 08]]

Section [ReflectPermission

http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#ReflectPermission]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="376a66633b6aaa76-4a6f2d20-40d94aea-96f990f3-8de6ae9274953f20935a34de"><ac:plain-text-body><![CDATA[

[[Reflect 2006

AA. Bibliography#Ref 06]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="1165639aaa789d21-031140ee-4b8a4f03-8e4d990e-8775ff282ac58693dad52245"><ac:plain-text-body><![CDATA[

[[Security 2006

AA. Bibliography#Security 06]]

[Security Architecture

http://java.sun.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html], Section [RuntimePermission

http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission]

]]></ac:plain-text-body></ac:structured-macro>

...