According to the Java Language Specification [[JLS 2005]], Section 8.4.8.3, "Requirements in Overriding and Hiding"
The access modifier of an overriding or hiding method must provide at least as much access as the overridden or hidden method, or a compile-time error occurs.
The following are the allowed accesses:
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MET17-J |
medium |
probable |
medium |
P8 |
L2 |
Automated Detection
Straightforward.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Related Guidelines
MITRE CWE: CWE-487 "Reliance on Package-level Scope"
SCG 2007 Guideline 1-1 Limit the accessibility of classes, interfaces, methods, and fields
Bibliography
[[JLS 2005]] Section 8.4.8.3
, "Requirements in Overriding and Hiding"
DCL14-J. Minimize the scope of variables DCL15-J. Do not shadow or obscure identifiers in subscopes