...
Despite the security manager checks, the data in this example is not sensitive. Serializing unencrypted, sensitive data violates rule SER03-J. Do not serialize unencrypted , sensitive data.
AccessDeniedException and InvalidInputException are both security exceptions that can be thrown by any method without requiring a throws declaration.
...
The java.security package exists on Android for compatibility purposes only and it should not be used.
Bibliography
Section 2.4, Serialization |
...
SER03-J. Do not serialize unencrypted, sensitive data Rule 14: Serialization (SER)