...
- Applets rarely require elevated privileges. Sign only those applets that require elevated privileges; other applets should not be signed. (See guideline ENV00-J. Do not sign code that performs only unprivileged operations.) For applications, the security policy that defines the set of permissions should be as restrictive as possible. The default security policy file grants permissions sparingly; however, the flexible security model allows the user to grant additional permissions to applications by defining a custom security policy. Several guidelines deal with granting or limiting permissions:
- SEC00-J. Avoid granting excess privileges
- SEC21-J. Remove superfluous code from privileged blocks
- ENV00-J. Do not sign code that performs only unprivileged operations
- ENV03-J. Never grant AllPermission to untrusted code
- ENV04-J. Do not grant ReflectPermission with target suppressAccessChecks
- ENV05-J. Do not grant RuntimePermission with target createClassLoader
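The restrictive policy model described above, shown as an added example rather than text from the CERT standard: a custom java.security.Policy that grants only the two permissions an assumed application needs, so the operations that ENV04-J and ENV05-J warn against are denied at runtime. It assumes a JDK that still ships the SecurityManager (before JDK 24; JDK 18 to 23 need -Djava.security.manager=allow), and the data directory path is constructed.

```java
import java.io.FilePermission;
import java.security.AccessControlException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

/** Least-privilege policy: only what the (assumed) application needs, nothing more. */
public final class LeastPrivilegePolicy extends Policy {
    private int secret = 42; // target for the reflection probe below

    @Override
    public PermissionCollection getPermissions(ProtectionDomain domain) {
        Permissions perms = new Permissions();
        // Policy-file equivalent: permission java.util.PropertyPermission "user.home", "read";
        perms.add(new PropertyPermission("user.home", "read"));
        // Policy-file equivalent: permission java.io.FilePermission "/var/app/data/-", "read";
        perms.add(new FilePermission("/var/app/data/-", "read")); // constructed path
        return perms; // no AllPermission, no suppressAccessChecks, no createClassLoader
    }

    @Override
    public boolean implies(ProtectionDomain domain, Permission permission) {
        return getPermissions(domain).implies(permission);
    }

    private static void attempt(String label, Runnable action) {
        try {
            action.run();
            System.out.println(label + ": allowed");
        } catch (AccessControlException e) {
            System.out.println(label + ": denied (" + e.getPermission() + ")");
        }
    }

    public static void main(String[] args) {
        Policy.setPolicy(new LeastPrivilegePolicy());
        System.setSecurityManager(new SecurityManager());

        attempt("read user.home", () -> System.getProperty("user.home"));   // granted
        attempt("read user.dir", () -> System.getProperty("user.dir"));     // not granted
        // ENV05-J: RuntimePermission "createClassLoader" was never granted
        attempt("create class loader", () -> new java.net.URLClassLoader(new java.net.URL[0]));
        // ENV04-J: ReflectPermission "suppressAccessChecks" was never granted
        attempt("suppress access checks", () -> {
            try {
                LeastPrivilegePolicy.class.getDeclaredField("secret").setAccessible(true);
            } catch (NoSuchFieldException e) { throw new IllegalStateException(e); }
        });
    }
}
```

Only the first probe prints "allowed"; the other three are refused with the missing permission named in the exception, which is the behaviour a correctly scoped custom policy should produce.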
...
SEC20-J. Do not expect java.lang.reflect.Method.invoke() to behave as the immediate caller
SEC21-J. Remove superfluous code from privileged blocks
Risk Assessment Summary
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level
---|---|---|---|---|---
SEC00-J | high | probable | high | P6 | L2
SEC01-J | medium | likely | medium | P12 | L1
SEC02-J | medium | likely | high | P6 | L2
SEC03-J | high | likely | low | P27 | L1
SEC04-J | high | probable | medium | P12 | L1
SEC05-J | high | probable | medium | P12 | L1
SEC06-J | medium | likely | medium | P12 | L1
SEC06-J | high | probable | medium | P12 | L1
SEC07-J | medium | probable | low | P12 | L1
SEC08-J | high | probable | medium | P12 | L1
SEC09-J | high | probable | medium | P12 | L1
SEC10-J | medium | probable | high | P4 | L3
SEC11-J | high | probable | low | P18 | L1
SEC12-J | high | likely | high | P9 | L2
SEC13-J | high | likely | high | P9 | L2
SEC14-J | medium | probable | high | P4 | L3
SEC15-J | medium | likely | high | P6 | L2
SEC16-J | medium | probable | high | P4 | L3
SEC17-J | medium | likely | low | P18 | L1
SEC18-J | medium | probable | high | P4 | L3
SEC19-J | high | probable | medium | P12 | L1
SEC21-J | high | probable | high | P6 | L2
...
The CERT Oracle Secure Coding Standard for Java