Comment: wordsmithing & code tweaks

The permission java.security.AllPermission grants all possible permissions to code. This facility was included to reduce the burden of managing a multitude of permissions during routine testing, and for use when a body of code is completely trusted. Code is typically granted AllPermission via the security policy file; it is also possible to programmatically associate AllPermission with a ProtectionDomain. This permission is dangerous in production environments; never grant AllPermission to untrusted code.

...

Always assign appropriate permissions to code. Define custom permissions when the granularity of the standard permissions is insufficient. For more information, see rule "SEC10-J. Define custom security permissions for fine grained security."

Noncompliant Code Example (PermissionCollection)

...

protected PermissionCollection getPermissions(CodeSource cs) {
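  // Does not consult the superclass (the SEC07-J violation noted below)
  PermissionCollection pc = new Permissions();
  // Grants every permission to each class this loader defines
  pc.add(new java.security.AllPermission());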
  // other permissions
  return pc;
}

This example also violates rule "SEC07-J. Call the superclass's getPermissions method when writing a custom class loader."

Compliant Solution

This compliant solution does not grant java.security.AllPermission to any class that it loads.

protected PermissionCollection getPermissions(CodeSource cs) {
  PermissionCollection pc = super.getPermissions(cs);
  // add fine-grained permissions
  return pc;
}
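
The following added example (not part of the original rule text) fills in the "add fine-grained permissions" step and compares the resulting PermissionCollection with one that holds AllPermission by probing both with implies(). The class names LeastPrivilegeLoaderDemo and PluginLoader, the file paths, and the choice of FilePermission are assumptions made for illustration.

```java
import java.io.FilePermission;
import java.net.URI;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.cert.Certificate;

public class LeastPrivilegeLoaderDemo {
  // Hypothetical loader: keeps the superclass permissions and adds one narrow grant.
  static class PluginLoader extends URLClassLoader {
    PluginLoader(URL[] urls) { super(urls); }

    @Override
    protected PermissionCollection getPermissions(CodeSource cs) {
      PermissionCollection pc = super.getPermissions(cs);
      // Constructed path: read-only access to a single configuration tree.
      pc.add(new FilePermission("/opt/app/conf/-", "read"));
      return pc;
    }
  }

  public static void main(String[] args) throws Exception {
    URL origin = URI.create("file:/opt/app/plugins/plugin.jar").toURL(); // constructed
    CodeSource cs = new CodeSource(origin, (Certificate[]) null);
    PermissionCollection fine;
    try (PluginLoader loader = new PluginLoader(new URL[] { origin })) {
      fine = loader.getPermissions(cs); // protected also allows same-package access
    }
    // What the noncompliant loader hands to every class it defines.
    PermissionCollection all = new Permissions();
    all.add(new AllPermission());

    Permission[] probes = {
      new FilePermission("/opt/app/conf/app.properties", "read"),
      new FilePermission("/opt/app/conf/app.properties", "write"),
      new FilePermission("/etc/passwd", "read"),
      new RuntimePermission("createClassLoader"),
      new AllPermission()
    };
    for (Permission p : probes) {
      System.out.printf("%-62s fine-grained=%-5b AllPermission=%b%n",
          p, fine.implies(p), all.implies(p));
    }
  }
}
```

A probe that the fine-grained collection implies but the application does not need marks a grant to narrow further.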

Exceptions

ENV03-EX1EX0: It may be necessary to grant AllPermission to trusted library code so that callbacks work as expected. For example, it is common practice, and acceptable, to grant AllPermission to the optional Java packages (extension libraries):

...


...