Comment: Migrated to Confluence 4.0

The default SecurityManager checks whether the caller of a particular method has sufficient permissions to proceed with an action. An action is a level of access; for instance, the actions for java.io.FilePermission are "read," "write," "execute," and "delete" [Sun 2006]. The "Permission Descriptions and Risks" guide [Permissions 2008] enumerates the default permissions and the risks associated with granting these permissions to Java code.

Sometimes, stronger restrictions than those provided by the default security manager are necessary. Custom permissions prove to be more suitable for privilege separation in such cases. Failure to provide custom permissions when no corresponding default permissions exist can lead to privilege escalation vulnerabilities that enable untrusted callers to execute restricted operations or actions.
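
A custom permission guarding an operation that no default permission covers, as an added example that is not code from the original page. The names AuditPermission, AuditLog and the "audit.*" targets are hypothetical, and the check only takes effect on a runtime where a SecurityManager is installed.

```java
import java.security.BasicPermission;
import java.security.Permissions;

public class CustomPermissionExample {

    // Hypothetical custom permission. The target name identifies the guarded
    // operation ("audit.reset"); BasicPermission supplies wildcard matching
    // ("audit.*") and ignores the actions string.
    public static final class AuditPermission extends BasicPermission {
        private static final long serialVersionUID = 1L;
        // Policy loading instantiates permissions reflectively, so both
        // constructors are public.
        public AuditPermission(String name) { super(name); }
        public AuditPermission(String name, String actions) { super(name, actions); }
    }

    // Hypothetical sensitive class: no default permission covers reset().
    static final class AuditLog {
        private final StringBuilder entries = new StringBuilder();

        void append(String entry) { entries.append(entry).append('\n'); }

        void reset() {
            // Check before changing state. With a security manager installed,
            // every protection domain on the call stack needs
            // AuditPermission "audit.reset", or the call is rejected.
            SecurityManager sm = System.getSecurityManager();
            if (sm != null) {
                sm.checkPermission(new AuditPermission("audit.reset"));
            }
            entries.setLength(0);
        }
    }

    // Constructed stand-in for what a policy file grants to one code source.
    static Permissions grant(String... targets) {
        Permissions p = new Permissions();
        for (String t : targets) { p.add(new AuditPermission(t)); }
        return p;
    }

    public static void main(String[] args) {
        AuditPermission reset = new AuditPermission("audit.reset");
        // Least privilege: code granted only "audit.read" cannot reset.
        System.out.println(grant("audit.read").implies(reset));
        // A wildcard grant covers every audit.* target, including reset.
        System.out.println(grant("audit.*").implies(reset));
    }
}
```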

...

MITRE CWE: CWE-732, "Incorrect Permission Assignment for Critical Resource"

Bibliography

...

[API 2006] Class SecurityManager (http://java.sun.com/javase/6/docs/api/java/lang/SecurityManager.html)
[Oaks 2001] Chapter 5: The Access Controller, "Permissions"
[Policy 2002]
[Sun 2006] Permission Descriptions and Risks (http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html)

...
