SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 85

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 86

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: done

...

This rule meant to prevent the unintentional serialization of sensitive information. Rule SER02-J. Sign and then seal sensitive objects before sending them outside a trust boundary applies to the intentional serialization of sensitive information.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6ccc7c83c2e05156-ba39504c-4cce4730-bb5881c7-6d9105b4c00fa99a2235c4c0"><ac:plain-text-body><![CDATA[

[[Bloch 2005

AA. Bibliography#Bloch 05]]

Puzzle 83: Dyslexic Monotheism

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c8c579b6402f537c-476fecb1-4bd84521-9060b43f-580820e77f596941ba45e070"><ac:plain-text-body><![CDATA[

[[Bloch 2001

AA. Bibliography#Bloch 01]]

Item 1: Enforce the singleton property with a private constructor

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5f87faaa2c6ff691-96895919-4a194312-abf2ba00-39731792a7d7fdf192e1809f"><ac:plain-text-body><![CDATA[

[[Greanier 2000

AA. Bibliography#Greanier 00]]

[Discover the secrets of the Java Serialization API

http://java.sun.com/developer/technicalArticles/Programming/serialization/]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="53fa359ba8fa5002-3cfc3160-4c5c4832-812789d3-82a6c0e01a5ede97d79112a4"><ac:plain-text-body><![CDATA[

[[Harold 1999

AA. Bibliography#Harold 99]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="688c40d79d84f783-1e30c52d-40554301-a7208ca5-a1039502e1ec2f8debb4d1c3"><ac:plain-text-body><![CDATA[

[[JLS 2005

AA. Bibliography#JLS 05]]

[Transient modifier

http://java.sun.com/docs/books/jls/third_edition/html/classes.html#37020]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="85468ea4cb3d5f7e-d9eeb4ed-424d4e1e-825bb4ea-dc1a88dc78902705fc60c684"><ac:plain-text-body><![CDATA[

[[Long 2005

AA. Bibliography#Long 05]]

Section 2.4, Serialization

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="55220d65b64859da-4c8b349e-451a4bf8-86b2ade6-d0533291310181a3510337e7"><ac:plain-text-body><![CDATA[

[[Sun 2006

AA. Bibliography#Sun 06]]

"Serialization specification: A.4 Preventing Serialization of Sensitive Data"

]]></ac:plain-text-body></ac:structured-macro>

...

SER02-J. Sign and then seal sensitive objects before sending them outside a trust boundary      13. Serialization (SER)