...
FIO00-J. Canonicalize path names originating from untrusted sources before validating
FIO01-J. Do not let Runtime.exec() fail or block indefinitely
...
OBJ38-J. Immutable classes must prohibit extension The CERT Sun Microsystems Secure Coding Standard for Java FIO00-J. Canonicalize path names originating from untrusted sources before validating