¡@
java Programming Glossary: maliciousAre Thread.stop and friends ever safe in Java? http://stackoverflow.com/questions/1283328/are-thread-stop-and-friends-ever-safe-in-java code case out for now. Or at least acknowledge that malicious code can do things to render itself not safely killable and..
Handling passwords used for auth in source code http://stackoverflow.com/questions/12937641/handling-passwords-used-for-auth-in-source-code instead and this poses security problems because malicious programs might gain access to that String password data before..
How to implement Java 256-bit AES encryption with CBC http://stackoverflow.com/questions/1440030/how-to-implement-java-256-bit-aes-encryption-with-cbc isn't a good idea for them to use the same secret key. One malicious user can recover the key and break the system for everyone...
Must all properties of an immutable object be final? http://stackoverflow.com/questions/16061030/must-all-properties-of-an-immutable-object-be-final against misuse of an immutable class by incorrect or malicious code. final fields must be used correctly to provide a guarantee..
How to protect Java codes against decompiler? [closed] http://stackoverflow.com/questions/1879061/how-to-protect-java-codes-against-decompiler can't protect the class files from a decompiler and from malicious users. However the output of the decompiler may not be valid..
How do I identify immutable objects in Java http://stackoverflow.com/questions/203475/how-do-i-identify-immutable-objects-in-java reading the documentation. I do NOT need to defend against malicious developers anyone clever enough to mutate a String or perform..
What is the security risk of object reflection? http://stackoverflow.com/questions/3002904/what-is-the-security-risk-of-object-reflection of internal data is possible. It can lead to various malicious exploits e.g. strings are not immutable anymore and can be changed..
How to “Purify” HTML code to prevent XSS attacks in Java or JSP? http://stackoverflow.com/questions/3587199/how-to-purify-html-code-to-prevent-xss-attacks-in-java-or-jsp HTML based on a white list but a user can still inject malicious code with a POST request so this is not enough. A good library..
What are advantages of bytecode over native code? [closed] http://stackoverflow.com/questions/48144/what-are-advantages-of-bytecode-over-native-code this kind of validation it doesn't have the instructions a malicious programmer would use to hide their assault. Size In the microprocessor..
Sandbox against malicious code in a Java application http://stackoverflow.com/questions/502218/sandbox-against-malicious-code-in-a-java-application against malicious code in a Java application In a simulation server environment..
What's the penalty for Synthetic methods? http://stackoverflow.com/questions/5557955/whats-the-penalty-for-synthetic-methods think is private. Synthetic accessors can be exploited by malicious code as demonstrated below. If your code needs to run in a secure..
http://stackoverflow.com/questions/6825907/why-put-jsp-in-web-inf including db.jsp but by itself it throws an exception a malicious user can open http yoursite.com db.jsp and get some insight..
http://stackoverflow.com/questions/7187883/how-to-encrypt-a-jar-file Since this second jar file cannot be itself encrypted a malicious user wanting to see you class files can simply look at classes..
|