Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

Rules

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
sort	title
showSpace	false
labels	+sec, +rule, -void
cql	label = "sec" and label = "rule" and label != "void" and space = currentSpace()

Risk Assessment Summary

Recommendations

SEC01-J. Be careful using doPrivileged

SEC02-J. Beware of standard APIs that may bypass Security Manager checks

SEC03-J. Beware of standard APIs that may use the immediate caller's class loader instance

SEC04-J. Beware of standard APIs that perform access checks against the immediate caller

SEC06-J. Assume that all Java clients can be reverse engineered, monitored, and modified

SEC07-J. Minimize accessibility

Rules

SEC30-J. Always use a Security Manager

SEC31-J. Never grant AllPermission

SEC32-J. Do not grant ReflectPermission with action suppressAccessChecks

SEC33-J. Define wrappers around native methods

SEC34-J. Do not allow the unauthorized construction of sensitive classes

SEC35-J. Provide mutable classes with a clone method

SEC36-J. Ensure that the bytecode verifier is applied to all involved code upon any modification

Risk Assessment Summary

...

Rule
Severity
Likelihood
Remediation Cost
Priority
Level
SEC01SEC00-J medium Medium probable Likely high High
P4 P6
L3 L2 SEC02
SEC01-J medium High probable Likely high Low
P4 P27
L3 L1 SEC03
SEC02-J medium High probable Probable high Medium
P4 P12
L3 L1 SEC04
SEC03-J medium High probable Probable high Medium
P4 P12
L3 L1 SEC06
SEC04-J medium High probable Probable high Medium
P4 P12
L3 L1 SEC07
SEC05-J medium High probable Probable
high
P4
L3

Rules

L3

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
Medium	P12	L1
SEC06
SEC30-J	high	probable	low	P18	L1
SEC30-J	high High	likely Probable	high Medium	P9	L2	SEC31-J	high	probable	low	P18	P12	L1 SEC32
SEC07-J	high High	probable Probable	low Low	P18	L1
SEC33-J	medium	probable	high	P4	L3
SEC34-J	high	probable	high	P6	L2
SEC35-J	low	unlikely	medium	P2

...

Image Added Image Added Image Added