avalon-dev mailing list archives

From Peter Donald <dona...@apache.org>
Subject Re: Coding Standards Update
Date Thu, 21 Jun 2001 15:38:49 GMT
On Fri, 22 Jun 2001 01:19, Berin Loritsch wrote:
> Peter Donald wrote:
> > On Thu, 21 Jun 2001 23:22, Berin Loritsch wrote:
> > > I believe we need to go through our Coding Standards document,
> > > purge some items (since they do not apply to modern JVMs) and
> > > incorporate ideas from this list of documents:
> > >
> > > Twelve rules for developing more secure Java code
> > > -------------------------------------------------
> > > http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules_p.html
> >
> > Ouch I never knew about Rule 5 - Inner classes are evil. Rule 4 no longer
> > applies because we could choose to seal packages if we wanted to.
>
> Actually rule 4 still applies.  Manifest sealing of a jar ONLY works when a
> SecureClassLoader is used.  Package sealing is too easily disabled to
> trust. The point is important: don't trust package access (no modifiers).

But if you are not running in SecureClassLoader and under a SecurityManager, 
your code can do all sorts of nasty things by careful manipulation of 
bytecodes. So if you do choose to run without Secur* then the code is 
insecure anyways.

> Other than that--how should we modify our code standards doc?

I am not sure we should modify it directly. Maybe create new document to 
describe secure practices as these really don't have a lot to do with 
presentation of code but more to do with structure? Not sure.


-- 
Cheers,

Pete

*-----------------------------------------------------*
| "Faced with the choice between changing one's mind, |
| and proving that there is no need to do so - almost |
| everyone gets busy on the proof."                   |
|              - John Kenneth Galbraith               |
*-----------------------------------------------------*
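
A runtime check for the conditions this thread names (sealed package, SecureClassLoader, SecurityManager), added here as an example and not code from the Avalon project or from either poster. The class name `PackageTrustCheck` and its `findings` method are hypothetical.

```java
import java.security.CodeSource;
import java.security.SecureClassLoader;
import java.util.ArrayList;
import java.util.List;

// Added example: PackageTrustCheck and findings() are hypothetical names.
public final class PackageTrustCheck {

    private PackageTrustCheck() {}

    // Lists every reason package-private members of `type` should not be
    // treated as an access boundary in the running JVM.
    @SuppressWarnings("removal") // SecurityManager is deprecated since Java 17
    public static List<String> findings(Class<?> type) {
        List<String> out = new ArrayList<>();

        ClassLoader loader = type.getClassLoader(); // null = bootstrap loader
        if (loader != null && !(loader instanceof SecureClassLoader)) {
            out.add("loader " + loader.getClass().getName()
                    + " is not a SecureClassLoader");
        }

        Package pkg = type.getPackage();
        if (pkg == null || !pkg.isSealed()) {
            String name = (pkg == null) ? "(unknown)" : pkg.getName();
            out.add("package '" + name + "' is not sealed");
        }

        CodeSource src = type.getProtectionDomain().getCodeSource();
        if (src == null || src.getLocation() == null) {
            out.add("no code source location, origin cannot be checked");
        }

        if (System.getSecurityManager() == null) {
            out.add("no SecurityManager installed");
        }
        return out;
    }

    public static void main(String[] args) {
        List<String> problems = findings(PackageTrustCheck.class);
        if (problems.isEmpty()) {
            System.out.println("sealed, SecureClassLoader, SecurityManager present");
        } else {
            problems.forEach(p -> System.out.println("WARN: " + p));
        }
    }
}
```

Run from a plain class directory it reports the package as unsealed; packaged in a jar whose manifest carries `Sealed: true`, that finding goes away.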
