Page History

...

Automated Detection

Automated checking is clearly not possible in the general case. We might be able to do something with escape analysis to check that we are not leaking privileged data provided that privileged data is marked by the user, and even that would be difficult.

...

MITRE CWE: CWE-272

Bibliography

Wiki Markup\[[API 2006|AA. References#API 06]\] Class {{java.security.AccessController}}

...

09. Platform Security (SEC)      09. Platform Security (SEC)