...
This compliant solution combines all privileged code into the same package and reduces the accessibility of the getValue() method to package-private. Sealing the package is necessary to prevent attackers from inserting any rogue classes.
| Code Block | ||
|---|---|---|
| ||
package trusted;
public class MixMatch {
// ...
}
package trusted;
class RetValue {
int getValue() {
// ... return 1;
}
}
|
To seal a package, use the sealed attribute in the manifest file header. This is shown below.
...