Java Reference
In-Depth Information
Bibliography
[API 2013]
Class
ClassLoader
[Chan 1998]
java.lang.reflect AccessibleObject
[Guillardoy 2012]
Java 0Day Analysis (CVE-2012-4681)
[Long 2012]
SEC00-J. Do not allow privileged blocks to leak sensitive information across
a trust boundary
SEC03-J.Donotloadtrustedclassesafterallowinguntrustedcodetoloadar-
bitrary classes
SEC05-J. Do not use reflection to increase accessibility of classes, methods,
or fields
[Manion 2013]
“Anatomy of Java Exploits”
[Oracle 2013d]
Oracle Security Alert for CVE-2013-0422
19. Define custom security permissions for fine-grained security
The default
SecurityManager
checks whether the caller of a particular method has suffi-
cient permissions to proceed with an action. An action is defined in Java's security archi-
tecture as a level of access, and requires certain permissions before it can be performed.
For example, the actions for
java.io.FilePermission
are
read, write, execute
, and
de-
lete
[API 2013]. The “Permission Descriptions and Risks” guide [Oracle 2011d] enumer-
ates the default permissions and the risks associated with granting these permissions to
Java code.
Sometimes, stronger restrictions than those provided by the default security manager
are necessary. Failure to provide custom permissions when no corresponding default per-
missions exist can lead to privilege escalation vulnerabilities that enable untrusted callers
to execute restricted operations or actions.
