Sensitive operations must be protected by security manager checks. See guideline ENV02-J. Create a secure sandbox using a Security Manager for the importance of performing security checks and of confining code to a secure sandbox. Note that the Security Manager was deprecated for removal in Java 17 (JEP 411), so the checks described here apply only to runtimes that still support it.
...
This noncompliant code example instantiates a Hashtable and defines a remove() method that allows removal of its entries. However, the method is public and non-final: any caller can remove entries, and a subclass can override the method, so no security check constrains the sensitive operation.
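The noncompliant class beside a compliant form, as an added example written for this page rather than the guideline's own code. The class names, the key type and the permission target name "removeKeyPermission" are assumed for illustration; the compliant version guards the sensitive operation with a security manager check and marks the method final so a subclass cannot override the check away.

```java
import java.util.Hashtable;

// Noncompliant: remove() is public and non-final, so any caller can drop
// entries and a subclass can override it to bypass any check added later.
class SensitiveHash {
  private final Hashtable<Integer, String> ht = new Hashtable<>();

  public void put(Integer key, String value) {
    ht.put(key, value);
  }

  public void remove(Integer key) {
    ht.remove(key); // sensitive operation, no security check
  }
}

// Compliant: the sensitive operation is guarded by a security manager check
// and the guarded method is final, so the check cannot be overridden away.
public class CheckedSensitiveHash {
  private final Hashtable<Integer, String> ht = new Hashtable<>();

  public void put(Integer key, String value) {
    ht.put(key, value);
  }

  public final void remove(Integer key) {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      // "removeKeyPermission" is a target name chosen for this example;
      // checkSecurityAccess wraps it in a java.security.SecurityPermission.
      sm.checkSecurityAccess("removeKeyPermission");
    }
    ht.remove(key);
  }

  public static void main(String[] args) {
    CheckedSensitiveHash h = new CheckedSensitiveHash();
    h.put(1, "secret");
    h.remove(1); // no manager installed: the check is skipped

    // Install the default SecurityManager. The default policy grants this
    // code no SecurityPermission, so the same call is now rejected.
    System.setSecurityManager(new SecurityManager());
    h.put(2, "secret");
    try {
      h.remove(2);
      System.out.println("removed (policy granted removeKeyPermission)");
    } catch (SecurityException e) {
      System.out.println("denied: " + e.getMessage());
    }
  }
}
```

Run with `java CheckedSensitiveHash` on a JDK that still ships the Security Manager; on JDK 18 through 23 the dynamic `System.setSecurityManager` call additionally requires `-Djava.security.manager=allow`. Granting `permission java.security.SecurityPermission "removeKeyPermission";` in a policy file makes the second remove() succeed, which is the point: the policy, not the caller, decides who may remove entries.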
...
Two methods, checkPermission(Permission perm) and checkPermission(Permission perm, Object context), were added to the SecurityManager class in J2SE 1.2. The motivations for this change were manifold:
...
This compliant solution uses the single-argument checkPermission() method to allow only files in the local directory with the .dtd extension to be read. DTDPermission is a custom permission that enforces this level of access (see guideline SEC10-J. Define custom security permissions for fine grained security for details on creating custom permissions). Even if java.io.FilePermission with the "read" action is granted to the application, DTD files remain subject to this additional access control, because the custom permission must be granted separately.
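A worked version of the compliant approach, added here as example code that is not the guideline's own solution. The DTDPermission shown is a minimal assumed definition (a real one would follow SEC10-J); the target name "readDTD", the class names and the local-directory check are assumptions of this example. FileReader already enforces java.io.FilePermission; the explicit checkPermission() call layers the custom permission on top of it.

```java
// File: DTDPermission.java
// Assumed minimal custom permission for this example. It must be public with
// a public constructor so the policy loader can instantiate it from a policy
// file entry such as: permission DTDPermission "readDTD";
import java.security.BasicPermission;

public final class DTDPermission extends BasicPermission {
  public DTDPermission(String name) {
    super(name);
  }

  public DTDPermission(String name, String actions) {
    super(name, actions); // actions are ignored by BasicPermission
  }
}

// File: DTDReader.java
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;

public final class DTDReader {
  private static final String DTD_EXT = ".dtd";

  // Reads a DTD from the current working directory. A caller must hold
  // DTDPermission "readDTD" in addition to the FilePermission that
  // FileReader checks on its own.
  public static String readDTD(String fileName) throws IOException {
    // Reject absolute paths and anything outside the local directory, and
    // require the .dtd extension, before touching the security manager.
    Path p = Paths.get(fileName).normalize();
    if (p.isAbsolute() || p.getNameCount() != 1
        || !p.toString().endsWith(DTD_EXT)) {
      throw new SecurityException(
          "only *.dtd files in the local directory may be read: " + fileName);
    }

    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      // Single-argument form: checked against the current call stack.
      sm.checkPermission(new DTDPermission("readDTD"));
    }

    StringBuilder sb = new StringBuilder();
    try (BufferedReader in = new BufferedReader(new FileReader(p.toFile()))) {
      String line;
      while ((line = in.readLine()) != null) {
        sb.append(line).append('\n');
      }
    }
    return sb.toString();
  }

  public static void main(String[] args) throws IOException {
    System.out.print(readDTD(args.length > 0 ? args[0] : "example.dtd"));
  }
}
```

With the manager installed at startup (`java -Djava.security.manager -Djava.security.policy=dtd.policy DTDReader example.dtd`), the policy file needs both grants, for example `grant { permission DTDPermission "readDTD"; permission java.io.FilePermission "${user.dir}${/}*", "read"; };`. Dropping the DTDPermission line while keeping the FilePermission line shows the intended effect: ordinary files in the directory stay readable through FileReader, but readDTD() fails with an AccessControlException.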
...
Failing to enforce security checks in code that performs sensitive operations can lead to malicious tampering of sensitive data.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SEC08-J | high | probable | medium | P12 | L1 |
...