...
This class fails to prevent malicious subclasses but does protect the data in `SensitiveClass`. Its methods are protected by being declared `final`. For more information on how to handle malicious subclasses, see rule "OBJ04-J. Provide mutable classes with copy functionality to allow passing instances to untrusted code safely."
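The following sketch is an added example, not code from the original page, showing the behavior described above: subclassing remains possible, but `final` methods stop a subclass from re-enabling copying or replacing the accessor. The `filename` field, the `get()` accessor, the `UntrustedSubclass` name, and the choice of a `final` `clone()` that throws `CloneNotSupportedException` are assumptions made for illustration.

```java
// Added illustration; class layout and field names are assumptions.
public class SensitiveCloneDemo {

    static class SensitiveClass {
        private final char[] filename;   // assumed sensitive state

        SensitiveClass(String filename) {
            this.filename = filename.toCharArray();
        }

        // final: a subclass cannot override the accessor to expose the array
        public final String get() {
            return String.valueOf(filename);
        }

        // final: a subclass cannot re-enable copying by overriding clone()
        @Override
        public final SensitiveClass clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException("SensitiveClass must not be copied");
        }
    }

    // Subclassing still compiles because SensitiveClass itself is not final.
    static class UntrustedSubclass extends SensitiveClass implements Cloneable {
        UntrustedSubclass(String filename) {
            super(filename);
        }

        // Returns true only if a copy could be obtained through clone().
        boolean tryCopy() {
            try {
                clone();   // resolves to the final method in SensitiveClass
                return true;
            } catch (CloneNotSupportedException e) {
                return false;
            }
        }
    }

    public static void main(String[] args) {
        // Constructed sample value, not taken from the page.
        UntrustedSubclass s = new UntrustedSubclass("constructed-sample.txt");
        System.out.println("copy obtained: " + s.tryCopy());
        System.out.println("value via final accessor: " + s.get());
    }
}
```

Adding `@Override public Object clone()` to `UntrustedSubclass` is rejected at compile time because the inherited method is `final`.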
...
| [[McGraw 1998 | AA. Bibliography#Mcgraw 98]] | Twelve rules for developing more secure Java code |
| [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE-498 | http://cwe.mitre.org/data/definitions/498.html] "Cloneable Class Containing Sensitive Information", [CWE-491 | http://cwe.mitre.org/data/definitions/491.html] "Public cloneable() Method Without Final (aka 'Object Hijack')" |
| [[Wheeler 2003 | AA. Bibliography#Wheeler 03]] | 10.6. Java |
...