...

This noncompliant example contains a privileged block that is used to perform two sensitive operations: loading a library and setting the default exception handler. Fortunately, when the default security manager is used, it does not permit loading the library unless the RuntimePermission loadLibrary.awt is granted in the policy file. Unfortunately, the programmer does not guard a caller from performing the second sensitive operation, setting the default exception handler. This security weakness can be exploited, for example, by programming and installing a handler so that it reveals information that a legitimate handler would keep secure.

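import java.security.AccessController;
import java.security.PrivilegedAction;

class LoadLibrary {
  private void loadLibrary() {
    AccessController.doPrivileged(new PrivilegedAction<Void>() {
      public Void run() {
        // privileged code: guarded by RuntimePermission loadLibrary.awt
        System.loadLibrary("awt");
        // perform some sensitive operation like setting the default exception handler
        // (no check of the caller is made before this call; the declaration
        // of reporter is not shown in this excerpt)
        MyExceptionReporter.setExceptionReporter(reporter);
        return null;
      }
    });
  }
}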
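One way to guard the second operation, shown as an added example rather than code from the original page: check a dedicated permission against the caller before entering the privileged block. The class `ExceptionReporterPermission`, its target name `exc.reporter`, the class `GuardedLoadLibrary`, and the use of `Thread.setDefaultUncaughtExceptionHandler` as a stand-in for `MyExceptionReporter.setExceptionReporter` are all assumptions made for illustration.

```java
import java.security.AccessController;
import java.security.BasicPermission;
import java.security.PrivilegedAction;

// Hypothetical custom permission (name and target are assumptions).
// A policy file would grant it to trusted code only, for example:
//   permission ExceptionReporterPermission "exc.reporter";
final class ExceptionReporterPermission extends BasicPermission {
  private static final long serialVersionUID = 1L;

  ExceptionReporterPermission(String name) {
    super(name);
  }
}

class GuardedLoadLibrary {
  // reporter is passed in explicitly; in the page's example it is an
  // undeclared variable handed to MyExceptionReporter.
  void loadLibrary(final Thread.UncaughtExceptionHandler reporter) {
    // Check the caller BEFORE doPrivileged. Inside the privileged block the
    // stack walk stops at this class, so a check made there would only
    // consult this class's own permissions and never see the caller.
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      // Throws SecurityException if any caller on the stack lacks the grant.
      sm.checkPermission(new ExceptionReporterPermission("exc.reporter"));
    }

    AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
      // Still subject to RuntimePermission loadLibrary.awt for this class.
      System.loadLibrary("awt");
      // Stand-in for MyExceptionReporter.setExceptionReporter(reporter):
      // reached only when the caller passed the check above.
      Thread.setDefaultUncaughtExceptionHandler(reporter);
      return null;
    });
  }
}
```

The Security Manager API used here is deprecated for removal since Java 17, so this pattern applies to code bases that still run under a security manager.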

...