...
Automated checking is clearly not possible in the general case. We might be able to do something with escape analysis to check that we are not leaking privileged data provided that privileged data is marked by the user, and even that would be difficult.
Related
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e7add10f7a89dc23-e2bc4684-45764d04-906ea293-0f5eeb35574ebe648a4ff109"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Privilege Sandbox Issues [XYO]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE ID 272, "Least Privilege Violation" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="508d0ab3f0336c44-b69b5717-4fdd48d9-bb888db4-d6e71b2ffdeddeabf2d00f38"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | Class | ]]></ac:plain-text-body></ac:structured-macro> |
...