A nested class is any class whose declaration occurs within the body of another class or interface [JLS 2005]. Nested classes form a broad set, classified as either `static` member classes or inner classes. "An inner class is a nested class that is not explicitly or implicitly declared `static`" [JLS 2005]. An inner class may be local, anonymous, or non-static.
...
The Java Language System weakens the accessibility of sensitive, private
entities in inner classes, which can result in a security weakness.
Guideline Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SCP03OBJ17-J | medium | probable | medium | P8 | L2 |
Automated Detection
Automated detection of non-private nested classes that define non-private members and constructors is straightforward. However, this guideline applies only when those classes could potentially expose sensitive data or operations from the outer class. Detection of sensitive data or operations requires programmer assistance.
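The structural half of that check can be sketched with reflection. This is an added example, not code from the guideline: the `Coordinates` and `SafeCoordinates` classes are constructed samples, and the check only lists candidates, since deciding whether the exposed data is sensitive still needs a reviewer.

```java
import java.lang.reflect.Member;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class NestedExposureCheck {
    // Constructed sample: private state reachable through a public inner class.
    static class Coordinates {
        private int x = 1, y = 2;
        public class Point {                                    // non-private inner class
            public int[] read() { return new int[] { x, y }; } // non-private member
        }
    }

    // Constructed sample: same logic, but the inner class and its members are private.
    static class SafeCoordinates {
        private int x = 1, y = 2;
        private class Point {
            private int[] read() { return new int[] { x, y }; }
        }
        public int sum() { int[] p = new Point().read(); return p[0] + p[1]; }
    }

    // Lists non-private nested classes of 'outer' that declare non-private
    // fields, methods or constructors. Compiler-generated (synthetic) members
    // such as this$0 or accessor methods are ignored.
    static List<String> findings(Class<?> outer) {
        List<String> out = new ArrayList<>();
        for (Class<?> nested : outer.getDeclaredClasses()) {
            if (Modifier.isPrivate(nested.getModifiers())) continue;
            List<Member> members = new ArrayList<>();
            Collections.addAll(members, nested.getDeclaredFields());
            Collections.addAll(members, nested.getDeclaredMethods());
            Collections.addAll(members, nested.getDeclaredConstructors());
            for (Member m : members) {
                if (m.isSynthetic() || Modifier.isPrivate(m.getModifiers())) continue;
                out.add(nested.getName() + " exposes " + m);
            }
        }
        return out;
    }

    public static void main(String[] args) {
        findings(Coordinates.class).forEach(System.out::println);
        System.out.println("SafeCoordinates findings: " + findings(SafeCoordinates.class).size());
    }
}
```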
...