...
Leaving extra entry points into production code could allow an attacker to gain special access to the program.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
ENV06-J | High | Probable | Low | P18 | L1 |
Automated Detection
This rule is not amenable to automated static analysis.
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| JAVA.DEBUG.CEDF | Class enables debug features | ||||||
| SonarQube |
| S2653 | Detects main in Servlets and EJBs |
Bibliography
...
...