Java Reference
In-Depth Information
[Long 2012]
OBJ03-J. Do not mix generic with nongeneric raw types in new code
24. Minimize the accessibility of classes and their members
Classes and class members (classes, interfaces, fields, and methods) are access controlled
in Java. Access is indicated by an access modifier (public, protected, or private) or by
the absence of an access modifier (the default access, also called package-private access).
Table 2-1 presents a simplified view of the access control rules. An x indicates that
the particular access is permitted from within that domain. For example, an x in the class
column means that the class member is accessible to code present within the same class in
which it is declared. Similarly, the package column indicates that the member is accessible
from any class (or subclass) defined in the same package, provided that the class (or
subclass) is loaded by the class loader that loaded the class containing the member. The
same class loader condition applies only to package-private member access.
Table 2-1. Access control rules
Classes and class members must be given the minimum possible access so that malicious
code has the least opportunity to compromise security. As far as possible, classes
should avoid exposing methods that contain (or invoke) sensitive code through interfaces;
interfaces allow only publicly accessible methods, and such methods are part of the public
application programming interface (API) of the class. (Note that this is the opposite of
Joshua Bloch's recommendation to prefer interfaces for APIs [Bloch 2008, Item 16].) One
exception to this is implementing an unmodifiable interface that exposes a public immutable
view of a mutable object. (See The CERT® Oracle® Secure Coding Standard for
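The guideline and its exception, shown as an added example that is not code from the book: an interface that forces a sensitive method to be public, beside a class that keeps its mutators non-public and exposes only a read-only view. All type and method names (LeakyTrail, AuditTrail, AuditTrailView, AccessDemo) are hypothetical.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

// Noncompliant shape: the sensitive operation is declared in an interface,
// so every implementation must expose it as part of its public API.
interface LeakyTrail { void purge(); }          // interface methods are implicitly public
final class LeakyImpl implements LeakyTrail {
    private final List<String> log = new ArrayList<>();
    @Override public void purge() { log.clear(); }  // cannot be narrower than public
}

// The exception: an unmodifiable interface that offers only a read-only view.
// (It would be declared public in its own file; kept here for a one-file demo.)
interface AuditTrailView { List<String> entries(); }

// Compliant shape: the class is package-private and final, and each member
// has the narrowest access that still works.
final class AuditTrail implements AuditTrailView {
    private final List<String> log = new ArrayList<>();

    void record(String event) { log.add(event); }   // package-private mutator
    private void purge() { log.clear(); }           // sensitive code stays private

    @Override
    public List<String> entries() {
        return Collections.unmodifiableList(log);   // live view, writes are rejected
    }
}

public class AccessDemo {
    // Simulates a caller that holds only the public view and tries to write.
    static String tryMutate(AuditTrailView view) {
        try {
            view.entries().add("forged entry");
            return "mutated";
        } catch (UnsupportedOperationException e) {
            return "rejected";
        }
    }

    public static void main(String[] args) {
        AuditTrail trail = new AuditTrail();
        trail.record("login alice");                 // constructed sample event
        AuditTrailView view = trail;                 // what other packages would receive
        System.out.println(tryMutate(view));
        trail.record("logout alice");
        System.out.println(view.entries());          // view reflects trusted writes
    }
}
```

Because AuditTrail is package-private, code in other packages cannot name the type to downcast the view and reach record().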