SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 59

changes.mady.by.user Tracey Tamules

Saved on

compared with

New Version 60

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Automated update-Scrapy V0.1 Fixing Navigation links Automatic Nagivation Script

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9bb67143dc3cb8cb-35493551-46bc481c-81f39dec-24aec50bbf6b86bced731d8e"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

[method doPrivileged()

http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4ae9709ec1c10042-d9b6ce4d-485b48c8-901d898b-343d75275b6e7d5ad88a95ae"><ac:plain-text-body><![CDATA[

[[Gong 2003

AA. Bibliography#Gong 03]]

Sections 6.4, "AccessController"

]]></ac:plain-text-body></ac:structured-macro>

 

9.5 "Privileged Code"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2a4387224cd3d07e-3252b319-484049c6-b50686a6-7baaf52af6df68147bf6ae46"><ac:plain-text-body><![CDATA[

[[Jovanovic 2006

AA. Bibliography#Jovanovic 06]]

"Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities"

]]></ac:plain-text-body></ac:structured-macro>

...

SEC00-J. Do not allow doPrivileged() blocks to leak sensitive information outside a trust boundary      14. Platform Security (SEC)      SEC04SEC02-J. Do not load trusted classes after allowing untrusted code to load arbitrary classesRemove superfluous code from privileged blocks