...
CWE ID 266, "Incorrect Privilege Assignment" | |
| CWE ID 272, "Least Privilege Violation" |
| CWE ID 732, "Incorrect Permission Assignment for Critical Resource" SCG 2009 |
Secure Coding Guidelines for the Java Programming Language, Version 3.0 | Guideline 6-2 Safely invoke java.security.AccessController.doPrivileged |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="24b16cb213f2cb78-0f1a3080-40f44c37-bebe9010-960e44ae20f39da7c1add2ed"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="bd541cf6bdade5d0-02269129-41184a6c-8d538e57-20ba3d3d37344c0bf327db27"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="028d2f6f036bd2d7-6c7c7bab-45034954-ac87986b-f4f6574e392ea218cf4290d8"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...