SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 44

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 45

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Logging is essential for debugging, incident response, or collecting forensic evidence. Nevertheless, logging sensitive data raises many concerns, including the privacy of the stakeholders, limitations imposed by the law on the collection of personal information, and the potential for data exposure by insiders. Sensitive information includes, but is not limited to, IP addresses, user names and passwords, email addresses, credit card numbers and any personally identifiable information such as social security numbers. Many countries prohibit or restrict collection of personal data; others permit retention of personal data only when held in an anonymized form. Consequently, logs must not contain sensitive data, particularly when prohibited by law.

Wiki MarkupUnfortunately, violations of this rule are common. For example, prior to version 0.8.1, LineControl Java client logged sensitive information including the local user's password \[[CVE 2008|AA. Bibliography#CVE 08]\].password as documented by CVE-2005-2990.

The java.util.logging class provides the basic logging framework in JDK v1.4 and above; the examples below use the logging framework. The basic principles apply regardless of the particular logging framework chosen.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6c4479a5c9ef8cd0-87bd03b0-440e447d-9117bd46-21914d549f07d0bd6c7b8cf0"><ac:plain-text-body><![CDATA[

[[MITRE 2009

AA. Bibliography#MITRE 09]]

[CWE ID 532

http://cwe.mitre.org/data/definitions/532.html] "Information Exposure Through Log Files"

]]></ac:plain-text-body></ac:structured-macro>

 

CWE ID 533 "Information Exposure Through Server Log Files"

 

CWE ID 359 "Privacy Violation"

 

CWE ID 542 "Information Exposure Through Cleanup Log Files"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0c52c7c84921b4f2-f1172666-486249c8-a305b891-3e10728a3829c6c88cf20921"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]] ]

Class java.util.logging.Logger

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5057019fcd005250-281e9235-4b594ba1-b76ba45d-b6009e177e620e9046ff0519"><ac:plain-text-body><![CDATA[

[[Chess 2007

AA. Bibliography#Chess 07]] ]

11.1 Privacy and Regulation: Handling Private Information

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e9f766e060dfab89-d04eca6f-47554b61-800d8b6d-ff09f3e9bf7621f73739c341"><ac:plain-text-body><![CDATA[

[[CVE 2008

AA. Bibliography#CVE 08]]]

[CVE-2005-2990

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2990]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ac488f747d21216c-037c76ce-436845b9-a185bb64-dfc685a49864b9adf5487317"><ac:plain-text-body><![CDATA[

[[Sun 2006

AA. Bibliography#Sun 06]]]

[Java Logging Overview

http://java.sun.com/javase/6/docs/technotes/guides/logging/overview.html]

]]></ac:plain-text-body></ac:structured-macro>

...