
...
An alternative is to read the file names from a secure directory. The security policy file may grant the application permission to read files from a specific directory. The application must be run with a security manager for the policy to be enforced (see ENV30-J. Create a secure sandbox using a Security Manager).
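One way to apply the alternative above, as an added example that is not part of the original rule text: the application lists the secure directory through the Java file API and accepts a requested name only if it exactly matches a listed entry. The class name, directory paths, jar name and policy entry are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

// Assumed policy entry for this sketch (paths and jar name are placeholders):
//   grant codeBase "file:/opt/app/app.jar" {
//     permission java.io.FilePermission "/opt/app/secure-data", "read";
//     permission java.io.FilePermission "/opt/app/secure-data/*", "read";
//   };
// Assumed launch: java -Djava.security.manager -Djava.security.policy=app.policy ...
// The Security Manager is deprecated for removal since Java 17 (JEP 411).
public class SecureDirListing {
    // Names come from the directory itself, never from a shell command.
    // Only regular files are returned; symbolic links are skipped.
    static List<String> listNames(Path base) throws IOException {
        try (Stream<Path> entries = Files.list(base)) {
            return entries
                .filter(p -> Files.isRegularFile(p, LinkOption.NOFOLLOW_LINKS))
                .map(p -> p.getFileName().toString())
                .collect(Collectors.toList());
        }
    }

    // A requested name is accepted only if it exactly matches a listed name,
    // so path separators and shell metacharacters can never select a file.
    static Path resolve(Path base, String requested) throws IOException {
        if (!listNames(base).contains(requested)) {
            throw new SecurityException("not in secure directory: " + requested);
        }
        return base.resolve(requested);
    }

    public static void main(String[] args) throws IOException {
        // Constructed demo input: a temp directory stands in for the secure one.
        Path base = Files.createTempDirectory("secure-dir-demo");
        Files.write(base.resolve("report.txt"), "ok".getBytes());
        System.out.println("listed: " + listNames(base));
        System.out.println("opened: " + resolve(base, "report.txt").getFileName());
        for (String bad : new String[] {"../outside.txt", "report.txt & echo x"}) {
            try {
                resolve(base, bad);
            } catch (SecurityException e) {
                System.out.println("rejected: " + bad);
            }
        }
    }
}
```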
Risk Assessment
OS command injection can cause arbitrary programs to be executed.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MSC32-J | high | probable | medium | P12 | L1 |
...