...
This noncompliant code example shows a snippet of a custom class loader that extends the class URLClassLoader. It overrides the getPermissions() method and does not call the superclass's more restrictive getPermissions() method. Note that URLClassLoader's getPermissions() method calls the Policy class's getPermissions() method, which, by default, uses the system policy file to enforce access control. Therefore, a class defined using the custom class loader will have permissions that are completely independent of those specified in the system-wide policy file and will, in effect, override them.
```java
protected PermissionCollection getPermissions(CodeSource cs) {
  PermissionCollection pc = new Permissions();
  pc.add(new RuntimePermission("exitVM")); // allow exit from the VM anytime
  return pc;
}
```
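The following added example (not part of the original rule text) places the override above beside a hardened form that starts from `super.getPermissions(cs)`, and checks what each one returns for the same code source. The class names `LoaderPermissionsDemo`, `IsolatedLoader` and `DelegatingLoader`, the helper `canReadOwnLocation`, and the jar path are hypothetical; the check relies on the documented behavior of `URLClassLoader.getPermissions`, which grants read access to a `file:` code source location.

```java
import java.io.File;
import java.io.FilePermission;
import java.net.URI;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.cert.Certificate;

public class LoaderPermissionsDemo {
    // Override as in the noncompliant example: the superclass is never consulted.
    static class IsolatedLoader extends URLClassLoader {
        IsolatedLoader(URL[] urls) { super(urls); }
        @Override
        protected PermissionCollection getPermissions(CodeSource cs) {
            PermissionCollection pc = new Permissions();
            pc.add(new RuntimePermission("exitVM"));
            return pc;
        }
    }

    // Hardened form: start from the superclass's result, then add the extra grant.
    static class DelegatingLoader extends URLClassLoader {
        DelegatingLoader(URL[] urls) { super(urls); }
        @Override
        protected PermissionCollection getPermissions(CodeSource cs) {
            PermissionCollection pc = super.getPermissions(cs);
            pc.add(new RuntimePermission("exitVM"));
            return pc;
        }
    }

    // True if the collection lets code read its own code source location.
    static boolean canReadOwnLocation(PermissionCollection pc, CodeSource cs) throws Exception {
        String path = new File(cs.getLocation().toURI()).getPath();
        return pc.implies(new FilePermission(path, "read"));
    }

    public static void main(String[] args) throws Exception {
        URL jar = URI.create("file:/opt/app/lib/plugin.jar").toURL(); // constructed sample location
        CodeSource cs = new CodeSource(jar, (Certificate[]) null);
        URL[] urls = { jar };
        PermissionCollection isolated = new IsolatedLoader(urls).getPermissions(cs);
        PermissionCollection delegated = new DelegatingLoader(urls).getPermissions(cs);
        System.out.println("isolated  reads own jar: " + canReadOwnLocation(isolated, cs));
        System.out.println("delegated reads own jar: " + canReadOwnLocation(delegated, cs));
        System.out.println("delegated exitVM: " + delegated.implies(new RuntimePermission("exitVM")));
    }
}
```

The first loader's collection holds only the hand-added `exitVM` grant, so anything the superclass would have contributed for that code source is lost; the second keeps the superclass's result and adds to it.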
...
Failure to consult the default system policy while defining a custom class loader violates the tenets of defensive programming and may result in classes defined with unintended permissions.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SEC10-J | high | probable | low | P18 | L1 |
...