...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SCG 2007

Guideline 6-1. Safely invoke java.security.AccessController.doPrivileged()

MITRE CWE

...

CWE-266 "Incorrect Privilege Assignment"

 

...

...

CWE-272 "Least Privilege Violation"

