Comment: normativization

...

Classes and class members must be given the minimum possible access so that malicious code has the least opportunity to compromise security. As far as possible, classes should avoid exposing methods that contain (or invoke) [sensitive code|BB. Definitions#sensitive code] through interfaces; interfaces allow only publicly accessible methods, and such methods are part of the public application programming interface (API) of the class. (Note that this is the opposite of Bloch's recommendation to prefer interfaces for APIs \[[Bloch 2008|AA. Bibliography#Bloch 08], Item 16\].) One exception to this is implementing an _unmodifiable_ interface that exposes a public immutable view of a mutable object. (See rule [OBJ04-J. Provide mutable classes with copy functionality to allow passing instances to untrusted code safely].) Additionally, note that even if a non-final class's visibility is default, it can be susceptible to misuse if it contains public methods. Methods that perform all necessary security checks and sanitize all inputs can also be exposed through interfaces.
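The following Java sketch is an added example, not code from the original rule. It shows a sensitive mutator kept out of the interface while an unmodifiable view is exposed publicly; the names `AccountRegistry`, `ReadOnlyAccount`, `Account`, and `record` are hypothetical.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public final class AccountRegistry {
    // The only type untrusted callers see: read-only accessors, no sensitive methods.
    public interface ReadOnlyAccount {
        String owner();
        List<String> history();
    }

    // private + final: cannot be named, cast to, or subclassed outside AccountRegistry.
    private static final class Account implements ReadOnlyAccount {
        private final String owner;
        private final List<String> history = new ArrayList<>();

        private Account(String owner) { this.owner = owner; }

        @Override public String owner() { return owner; }

        // Interface methods are necessarily public, so return an unmodifiable view.
        @Override public List<String> history() {
            return Collections.unmodifiableList(history);
        }

        // Sensitive mutator: kept out of the interface and given private access.
        private void record(String entry) { history.add(entry); }
    }

    // Public entry point validates its input and hands back only the interface type.
    public static ReadOnlyAccount open(String owner) {
        if (owner == null || owner.isEmpty()) {
            throw new IllegalArgumentException("owner required");
        }
        Account account = new Account(owner);
        account.record("opened");
        return account;
    }

    public static void main(String[] args) {
        ReadOnlyAccount view = open("alice"); // constructed sample value
        System.out.println(view.owner() + " " + view.history());
        try {
            view.history().add("forged entry");
        } catch (UnsupportedOperationException e) {
            System.out.println("rejected: history view is unmodifiable");
        }
    }
}
```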

...

[[Bloch 2008|AA. Bibliography#Bloch 08]] Item 13: Minimize the accessibility of classes and members; Item 16: Prefer interfaces to abstract classes

[[Campione 1996|AA. Bibliography#Campione 96]] [Access Control|http://www.telecom.ntua.gr/HTML.Tutorials/java/javaOO/accesscontrol.html]

[[JLS 2005|AA. Bibliography#JLS 05]] [Section 6.6, Access Control|http://java.sun.com/docs/books/jls/third_edition/html/names.html#6.6]

[[McGraw 1999|AA. Bibliography#McGraw 99]] Chapter 3, Java Language Security Constructs

...