...

This noncompliant code example shows a fragment of a custom class loader that extends the class URLClassLoader. It overrides the getPermissions() method and does not call the superclass's more restrictive getPermissions() method. Consequently, a class defined using this custom class loader has permissions that are completely independent of those specified in the system-wide policy file. In effect, the class's permissions override them.

protected PermissionCollection getPermissions(CodeSource cs) {
  PermissionCollection pc = new Permissions();
  // allow exit from the VM anytime
  pc.add(new RuntimePermission("exitVM"));
  return pc;
}

Compliant Solution

In this compliant solution, the getPermissions() method calls super.getPermissions(). As a result, the default system-wide security policy is applied, in addition to the custom policy.

protected PermissionCollection getPermissions(CodeSource cs) {
  PermissionCollection pc = super.getPermissions(cs);
  // allow exit from the VM anytime
  pc.add(new RuntimePermission("exitVM"));
  return pc;
}
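
The following is an added example, not code from the original rule: it wraps both fragments in complete loaders and prints the collection each override returns for the same code source, so the permissions dropped by the noncompliant version can be seen directly. The class names, the temporary directory and the Plugin.class probe are hypothetical, and the example assumes a JDK whose URLClassLoader.getPermissions() behaves as documented for Java SE 6.

```java
import java.io.FilePermission;
import java.net.URL;
import java.net.URLClassLoader;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.cert.Certificate;
import java.util.Collections;

public class GetPermissionsDemo {
  // Noncompliant shape from the page: starts from an empty collection.
  static class IndependentLoader extends URLClassLoader {
    IndependentLoader(URL[] urls) { super(urls); }
    @Override protected PermissionCollection getPermissions(CodeSource cs) {
      PermissionCollection pc = new Permissions();
      pc.add(new RuntimePermission("exitVM"));
      return pc;
    }
  }
  // Compliant shape from the page: extends what the superclass returns.
  static class DelegatingLoader extends URLClassLoader {
    DelegatingLoader(URL[] urls) { super(urls); }
    @Override protected PermissionCollection getPermissions(CodeSource cs) {
      PermissionCollection pc = super.getPermissions(cs);
      pc.add(new RuntimePermission("exitVM"));
      return pc;
    }
  }
  // Lists the granted permissions and whether they imply the probe.
  static void report(String label, PermissionCollection pc, Permission probe) {
    System.out.println(label + ": " + Collections.list(pc.elements()));
    System.out.println("  implies " + probe + "? " + pc.implies(probe));
  }

  public static void main(String[] args) throws Exception {
    // Constructed sample input: an empty temporary directory as the code
    // source, probed with read access to a hypothetical class file in it.
    Path dir = Files.createTempDirectory("plugins");
    URL[] urls = { dir.toUri().toURL() };
    CodeSource cs = new CodeSource(urls[0], (Certificate[]) null);
    Permission probe = new FilePermission(dir.resolve("Plugin.class").toString(), "read");
    try (IndependentLoader bad = new IndependentLoader(urls);
         DelegatingLoader good = new DelegatingLoader(urls)) {
      report("noncompliant", bad.getPermissions(cs), probe);
      report("compliant", good.getPermissions(cs), probe);
    }
  }
}
```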

Risk Assessment

...
