...
Wiki Markup |
---|
\[[API 06|AA. Java References#API 06]\] [Class SecurityManager|http://java.sun.com/javase/6/docs/api/java/lang/SecurityManager.html], Class AccessControlContext, Class AccessController \[[Policy 02|AA. Java References#Policy 02]\] \[[Pistoia 04|AA. Java References#Pistoia 04]\] Section 7.4, The Security Manager \[[Gong 03|AA. Java References#Gong 03]\] Section 6.1, Security Manager \[[SecuritySpec 08|AA. Java References#SecuritySpec 08]\] 6.2 SecurityManager versus AccessController \[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 358|http://cwe.mitre.org/data/definitions/358.html] "Improperly Implemented Security Check for Standard" |
...
ENV04ENV01-J. Place all privileged code in a single package and seal the package 01. Runtime Environment (ENV) ENV31-J. Never grant AllPermission to untrusted code