Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ebe1a5fb6bd4a269-db2779fd-4eac41cb-a6febaf8-d090830c0826bd43f35bb521"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

[method doPrivileged()

http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b5582197e8e51f19-999557d2-484a4416-b991a470-327439c45c6b6a126f09445d"><ac:plain-text-body><![CDATA[

[[Gong 2003

AA. Bibliography#Gong 03]]

Sections 6.4, "AccessController"

]]></ac:plain-text-body></ac:structured-macro>

 

9.5 "Privileged Code"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d925d3a74f03c26c-fd523098-4d524ef0-acb4b9a7-566d0fce380b47208b75a6af"><ac:plain-text-body><![CDATA[

[[Jovanovic 2006

AA. Bibliography#Jovanovic 06]]

"Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities"

]]></ac:plain-text-body></ac:structured-macro>

...

SEC02-J. Do not allow doPrivileged() blocks to leak sensitive information outside a trust boundary      14. Platform Security (SEC)      SEC04-J. Do not expose standard APIs that bypass Security Manager checks to untrusted codeload trusted classes after allowing untrusted code to load arbitrary classes