...
| Code Block |
|---|
public interface CallBack {
void callMethod();
}
class CallBackImpl implements CallBack {
public void callMethod() {
System.out.println("Callback calledinvoked");
}
}
class Client {
CallBack callback;
public void registerregisterCallback(CallBack callback) {
this.callback = callback;
}
public void doSomething() {
callback.callMethod();
}
public static void main(String[] args) {
Client client = new Client();
CallBack callBackmyCallback = new CallBackImpl();
client.register(callBack);registerCallback( myCallback);
// ...
client.doSomething(); // prints "Callback invoked"
}
} |
Frequently, callback methods are given full privileges which can make them attractive targets. If these methods accept arguments from untrusted code, privilege escalation may occur.
...