SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 27

changes.mady.by.user Brendan Saulsbury

Saved on

compared with

New Version 28

changes.mady.by.user Brendan Saulsbury

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
This compliant solution moves the call to {{System.loadLibrary()}} outside the {{doPrivileged()}} block. Any operations on the file descriptor {{f\[0\]}} must also occur outside the privileged block to make it easier to audit privileged code. However, {{f\[0\]}} should not leak out to untrusted code (see [SEC00-J. Do not allow doPrivileged() blocks to leak sensitive information outside a trust boundary]). As a result, the "operations on the file" must not allow {{f\[0\]}} to escape out of {{changePassword()}}. Minimizing the amount of code that requires elevated privileges eases the necessary task of auditing privileged code.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="775a5dbc98a15e73-99f4658f-4cb64ab8-a30db4bd-a3d459e2bb4bac586f10e539"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Privilege Sandbox Issues [XYO]"

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE ID 272, "Least Privilege Violation"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4579cc3c7b8d4807-557e1596-47a44cdd-8265ba9b-055b0253703488e7dfca9aae"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

Class java.security.AccessController

]]></ac:plain-text-body></ac:structured-macro>

...