...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Guideline 6-2 Safely invoke java.security.AccessController.doPrivileged | |
CWE ID 266, "Incorrect Privilege Assignment" | |
| CWE ID 272, "Least Privilege Violation" |
| CWE ID 732, "Incorrect Permission Assignment for Critical Resource" |
Guideline 6-2 Safely invoke java.security.AccessController.doPrivileged |
Bibliography
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9ed5c3f330f1ad72-dc51c947-41e24fcf-8bab8716-2d3555cc323994d7f056e1d1"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b4e93b24ccd3c9cc-e3ea6f80-4ed34c6e-98338069-9e4cbcb8a8561cbf72c47ddb"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4a54c15a29867f1f-ca203e3e-46414e39-a1a1b629-b8deb7b65823d972f3189bc8"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...