SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 84

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 85

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

APIs capable of bypassing SecurityManager's checks

java.lang.Class.newInstance()

java.lang.Class.getClassLoader()

java.lang.Class.getClasses()

java.lang.Class.getField(s)

java.lang.Class.getMethod(s)

java.lang.Class.getConstructor(s)

java.lang.Class.getDeclaredClasses()

java.lang.Class.getDeclaredField(s)

java.lang.Class.getDeclaredMethod(s)

java.lang.Class.getDeclaredConstructor(s)

java.lang.ClassLoader.getParent()

java.lang.ClassLoader.getSystemClassLoader()

java.lang.Thread.getContextClassLoader()

Wiki Markup
As an example of what constitutes the immediate caller and the object, consider the method {{java.lang.Class.newInstance()}}. Here, the immediate caller is the class that contains this method call whereas the object on which the {{newInstance()}} method is being invoked is referred to as the {{Class}} object ({{classObjectName.newInstance()}}). According to the Java Language Specification \[[JLS 2005|AA. Bibliography#JLS 05]\], the method {{getClass()}} returns the {{Class}} object that represents the class of the object.

...