...
| Code Block |
|---|
class MaliciousCallBack implements CallBack {
public void callMethod() {
// Code here gets executed with elevated privileges
}
public static void main(String[] args) {
CallBack callBack = new MaliciousCallBack();
CallBackAction action = new CallBackAction(callBack);
action.perform(); // Executes malicious code
}
} |
Compliant Solution
According to Oracle's secure coding guidelines [SCG 2010]:
...