50. Android (DRD)

Created by Robert Seacord, last modified by Unknown User (lflynn) on May 29, 2013

You are viewing an old version of this page. View the current version.

This appendix contains rules that are specific to the development of Java apps for the Android platform. These rules do not apply to the development of Java programs for other platforms.

Rules

Page:

Avoid having unreachable code
Page:

Copy of Rule Template
Page:

DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first
Page:

DRD01-X. Limit the accessibility of an app's sensitive content provider
Page:

DRD02-J. Do not allow WebView to access sensitive local resource through file scheme
Page:

DRD03-J. Do not broadcast sensitive information using an implicit intent
Page:

DRD04-J. Do not log sensitive information
Page:

DRD05-J. Do not grant URI permissions on implicit intents
Page:

DRD06. Do not act on malicious intents
Page:

DRD07-X. Protect exported services with strong permissions
Page:

DRD08-J. Always canonicalize a URL received by a content provider
Page:

DRD09. Restrict access to sensitive activities
Page:

DRD10-X. Do not release apps that are debuggable
Page:

DRD11. Ensure that sensitive data is kept secure
Page:

DRD12. Do not trust data that is world writable
Page:

DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content. (API level JELLY_BEAN or below)
Page:

DRD14-J. Check that a calling app has appropriate permissions before responding
Page:

DRD15-J. Consider privacy concerns when using Geolocation API
Page:

DRD16-X. Explicitly define the exported attribute for private components
Page:

DRD17-J. Do not use the Android cryptographic security provider encryption default for AES
Page:

DRD18. Do not use the default behavior in a cryptographic library if it does not use recommended practices
Page:

DRD19. Properly verify server certificate on SSL/TLS
Page:

DRD20-C. Specify permissions when creating files via the NDK
Page:

DRD21-J. Always pass explicit intents to a PendingIntent
Page:

DRD22. Do not cache sensitive information
Page:

DRD23-J. Do not use loopback when handling sensitive data
Page:

DRD23. Do not use world readable or writeable to share files between apps
Page:

DRD24. Do not bundle OAuth security-related protocol logic or sensitive data into a relying party's app
Page:

DRD25. To request user permission for OAuth, identify relying party and its permissions scope
Page:

DRD25. Use constant-time encryption
Page:

DRD26-J. For OAuth, use a secure Android method to deliver access tokens
Page:

DRD27-J. For OAuth, use an explicit intent method to deliver access tokens
Page:

Rule Template

Risk Assessment Summary

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
DRD00-J	medium	likely	high	P6	L2
DRD01-J	low	unlikely	medium	P2	L3
DRD02-J	high	probable	medium	P12	L1

Rule	Rule Text	Severity	Likelihood	Remediation Cost	Priority	Level
DRD00-J
DRD01-J
DRD02-J
DRD03-J
DRD04-J
DRD05-J
DRD06-J
DRD07-J

ENV05-J. Do not deploy an application that can be remotely monitored The CERT Oracle Secure Coding Standard for Java MSC00-J. Use SSLSocket rather than Socket for secure data exchange

No labels

Space shortcuts

Page tree

Rules

Risk Assessment Summary