...
Guideline 6-2. "Safely invoke java.security.AccessController.doPrivileged" | |
CWE -ID 266, "Incorrect Privilege Assignment" | |
| CWE -ID 272, "Least Privilege Violation" |
| CWE -ID 732, "Incorrect Permission Assignment for Critical Resource" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f973ffe0cf56faf7-e4d4fee3-4de24e19-8224bd38-b10f949e8cb0663b95cd3f94"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="746db22a55612620-da24016f-45484ac2-b494acd5-833ec1965a72336f55991054"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ecff4a22d8695198-0f1b35db-4a924b9b-9c9db521-bbd14ac4dd95c6f23a0cd5b0"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...