...
Code Block | ||
---|---|---|
| ||
//security manager code perm = new java.io.FilePermission("/tmp/JavaFile","read"); //other code |
Risk Assessment
TODOGranting AllPermission
means that there is no security at all.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SEC31-J | ?? high ?? | probable | ?? low | P?? | L?? |
Automated Detection
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
Wiki Markup |
---|
\[[Gong 03|AA. Java References#Gong 03]\]
\[[API 06|AA. Java References#API 06]\] [AllPermission| |
Java documentation
http://java.sun.com/ |
javase/6/docs/api/java/security/AllPermission.html |
Java Documentation
] \[[Security 06|AA. Java References#Security 06]\] [Security Architecture|http://java.sun.com/ |
javase/6/docs/ |
technotes/guides/security/spec/security-spec. |
doc.html |
] |