SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Title: SEC01-J. Do not allow tainted variables in privileged blocks  
Author: Dhruv Mohindra Aug 13, 2009
Last Changed by: Jon O'Donnell Aug 06, 2021
Tiny Link: (useful for email) https://wiki.sei.cmu.edu/confluence/x/qDdGBQ
Export As: Word · PDF  
Incoming Links
SEI CERT Oracle Coding Standard for Java (3)
    Page: SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary
    Page: SEC02-J. Do not base security checks on untrusted sources
    Page: ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it
Hierarchy
Parent Page
    Page: Rule 15. Platform Security (SEC)
Labels
Global Labels (9)
Recent Changes
Time Editor  
Aug 06, 2021 09:24 Jon O'Donnell View Changes
May 18, 2021 08:45 Michal Rozenau View Changes
Parasoft Jtest 2021.1
Feb 26, 2021 09:49 Michal Rozenau View Changes
Parasoft Jtest 2020.2
Jul 01, 2015 12:12 Carol J. Lallier View Changes
Apr 07, 2015 12:00 Will Snavely  
Outgoing Links
External Links (6)
    cwe.mitre.org/data/definitions/732.html
    cwe.mitre.org/data/definitions/266.html
    cwe.mitre.org/
    https://docs.oracle.com/javase/8/docs/api/java/security/Acc…
    cwe.mitre.org/data/definitions/272.html
    www.oracle.com/technetwork/java/seccodeguide-139067.html
SEI CERT C Coding Standard (1)     Page: CodeSonar
SEI CERT Oracle Coding Standard for Java (12)     Page: Parasoft
    Page: IDS00-J. Prevent SQL injection
    Page: CodeSonar_V
    Page: Parasoft_V
    Page: SEC02-J. Do not base security checks on untrusted sources
    Page: Rule AA. References
    Page: SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary
    Page: FIO16-J. Canonicalize path names before validating them
    Home page: SEI CERT Oracle Coding Standard for Java
    Page: Rule 15. Platform Security (SEC)
    Page: FIO00-J. Do not operate on files in shared directories
    Page: Rule BB. Glossary