SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 89

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 90

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
Signing code, however, has its own problems. According to Schneier \[[Schneier 2000|AA. Bibliography#SchneierReferences#Schneier 00]\]

First, users have no idea how to decide if a particular signer is trusted or not. Second, just because a component is signed doesn't mean that it is safe. Third, just because two components are individually signed does not mean that using them together is safe; lots of accidental harmful interactions can be exploited. Fourth, "safe" is not an all-or-nothing thing; there are degrees of safety. And fifth, the fact that the evidence of attack (the signature on the code) is stored on the computer under attack is mostly useless: The attacker could delete or modify the signature during the attack, or simply reformat the drive where the signature is stored.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="adf6d2ca6dccffe2-a2529ac5-4bee4688-a27192cd-fe091214457112266d9d04d1"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

Adherence to least privilege [XYN]

]]></ac:plain-text-body></ac:structured-macro>

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9a6e1651e5d55357-09f5a834-47e74ce7-99b1b32f-80660d7db4f9211917b5efa9"><ac:plain-text-body><![CDATA[

[[Dormann 2008

AA. Bibliography#Dormann References#Dormann 08]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b9229b5323ce8419-cb70e5b9-4a234831-9e189a85-5f1cc2c5b6081436ce2a7f06"><ac:plain-text-body><![CDATA[

[[McGraw 1999

AA. Bibliography#McGraw References#McGraw 99]]

Appendix C, Sign Only Privileged Code

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="093681138ce215c5-c50cd330-4b7a4c3e-91c08603-f58cec56db6946155c71b481"><ac:plain-text-body><![CDATA[

[[Schneier 2000

AA. Bibliography#Schneier References#Schneier 00]]

 

]]></ac:plain-text-body></ac:structured-macro>

...