Not Applicable to Android (Java Rules/Recommendations)
Created by Barbara White, last modified by Sandy Shrum on May 07, 2015
Rules
ENV00-J. Do not sign code that performs only unprivileged operations
ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it
ENV03-J. Do not grant dangerous combinations of permissions
ENV05-J. Do not deploy an application that can be remotely monitored
SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary
SEC04-J. Protect sensitive operations with security manager checks
SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader
SER04-J. Do not allow serialization and deserialization to bypass the security manager
Recommendations
ERR54-J. Use a try-with-resources statement to safely handle closeable resources
SEC52-J. Do not expose methods that use reduced-security checks to untrusted code
SEC54-J. Create a secure sandbox using a security manager