...
OBJ08-EX1: Sensitive classes should not be cloneable, per rule "OBJ03-J. Sensitive classes must not let themselves be copied."
Risk Assessment
Creating a mutable class without providing copy functionality can result in the data of its instance becoming corrupted when the instance is passed to untrusted code.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9983328f61aef381-444b4cf8-4de6413f-9a5b8779-6a4a3ed8f07256c677ecba6e"><ac:plain-text-body><![CDATA[ | [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE-374 | http://cwe.mitre.org/data/definitions/374.html] "Passing Mutable Objects to an Untrusted Method" and [CWE-375 | http://cwe.mitre.org/data/definitions/375.html] "Returning a Mutable Object to an Untrusted Caller" | ]]></ac:plain-text-body></ac:structured-macro> |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5a60975795dde40d-12828222-40534ece-9401a110-b582de60d75649152818de83"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method clone() | http://java.sun.com/javase/6/docs/api/java/lang/Object.html#clone()] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="40e92be7a631640b-39761ee9-4c96485f-820e9814-93fd68e9c419a0793f68546c"><ac:plain-text-body><![CDATA[ | [[Bloch 2008 | AA. Bibliography#Bloch 08]] | Item 39: Make defensive copies when needed and Item 11: Override clone judiciously | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="63b0692bd6f2f55c-d0586de7-44d04c6b-9de0bb42-34b38a9d3eb13ccf15368b9d"><ac:plain-text-body><![CDATA[ | [[SCG 2007 | AA. Bibliography#SCG 07]] | Guideline 2-2 Support copy functionality for a mutable class | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f8efe63509122c42-8c46dc65-46104145-97fcb90d-24ac8b1b522dc5290dd8e070"><ac:plain-text-body><![CDATA[ | [[SCG 2009 | AA. Bibliography#SCG 09]] | Guideline 2-3 Support copy functionality for a mutable class | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="93cc879739b85856-a3d53f2d-49e449bf-ad988162-c2c7599de066ab487712ec43"><ac:plain-text-body><![CDATA[ | [[Security 2006 | AA. Bibliography#Security 06]] | ]]></ac:plain-text-body></ac:structured-macro> |
...