Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
//security manager code
perm = new java.io.FilePermission("/tmp/JavaFile","read");
//other code

Risk Assessment

TODOGranting AllPermission means that there is no security at all.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SEC31-J

?? high ??

probable

?? low

P??

L??

Automated Detection

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Gong 03|AA. Java References#Gong 03]\]
\[[API 06|AA. Java References#API 06]\] [AllPermission|
Inside Java 2 Platform Security
Java documentation
http://java.sun.com/
j2se/1.4.2
javase/6/docs/api/java/security/AllPermission.html
Image Removed
Java Documentation
]
\[[Security 06|AA. Java References#Security 06]\] [Security Architecture|http://java.sun.com/
j2se/1.4.2
javase/6/docs/
guide
technotes/guides/security/spec/security-spec.
doc3
doc.html
Image Removed
]