...
In this noncompliant code example, the `untrustedCode()` method of class `Untrusted` invokes the `loadLib()` method of class `NativeCode`. This is insecure because the library is loaded on behalf of untrusted code: the untrusted code's class loader may be able to load the intended library indirectly even if it does not have sufficient permissions. After the library is loaded, untrusted code can call its native methods if those methods are accessible.
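```java
class NativeCode {
  // Public native method: any caller that can reach NativeCode can invoke it.
  public native void loadLib();

  // Runs when NativeCode is first initialized, which the call from
  // Untrusted below can trigger.
  static {
    try {
      // System.load() takes an absolute path; System.loadLibrary() accepts
      // only a bare library name and rejects names containing a separator.
      System.load("/com/foo/MyLib.so");
    } catch (UnsatisfiedLinkError e) {
      e.getMessage();
    }
  }
}

class Untrusted {
  public static void untrustedCode() {
    new NativeCode().loadLib();
  }
}
```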
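A hardened counterpart to `NativeCode`, as an added example that is not code from the original page: it removes the accessibility that the paragraph above identifies as the problem and puts a validating wrapper in front of the native call. The package name, the `nativeOperation()` signature, and the `process()` wrapper are hypothetical; only the library path comes from the page.

```java
package com.foo; // hypothetical package; untrusted code must not share it

import java.util.Objects;

// final: cannot be subclassed to widen access to the native method.
final class NativeCode {

  static {
    // Loaded by this trusted class's own initializer. A load failure is
    // not swallowed, so the class fails to initialize instead of running
    // in a half-usable state.
    System.load("/com/foo/MyLib.so");
  }

  // No instances: untrusted code cannot write `new NativeCode()`.
  private NativeCode() { }

  // private: the native entry point is unreachable from outside this class.
  // Hypothetical signature, used for illustration only.
  private static native int nativeOperation(byte[] data, int offset, int length);

  // Package-private wrapper for trusted callers in com.foo. Classes defined
  // by a different class loader are in a different runtime package, so they
  // cannot call this method even if they declare the same package name.
  static int process(byte[] data, int offset, int length) {
    Objects.requireNonNull(data, "data");
    // Bounds check written to avoid integer overflow in offset + length.
    if (offset < 0 || length < 0 || offset > data.length - length) {
      throw new IndexOutOfBoundsException(
          "offset=" + offset + ", length=" + length + ", size=" + data.length);
    }
    // Defensive copy: the caller cannot change the buffer after validation.
    return nativeOperation(data.clone(), offset, length);
  }
}
```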
...