New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit the extensibility of classes and methods #24

Open

OlivierJaquemet opened this issue Feb 26, 2020 · 0 comments

Labels

on-hold

Contributor

OlivierJaquemet commented Feb 26, 2020

Apply Guideline 4-5 / EXTEND-5 from the Secure Coding Guidelines for Java SE

Design classes and methods for inheritance or declare them final [6]. Left non-final, a class or method can be maliciously overridden by an attacker. A class that does not permit subclassing is easier to implement and verify that it is secure. Prefer composition to inheritance.

OlivierJaquemet referenced this issue in OlivierJaquemet/java-totp


          Fix #24 - Limit the extensibility of classes and methods

db2ed7a

Apply Guideline 4-5 / EXTEND-5: Limit the extensibility of classes and
methods from the Secure Coding Guidelines for Java SE
https://www.oracle.com/technetwork/java/seccodeguide-139067.html#4-5

OlivierJaquemet referenced this issue in OlivierJaquemet/java-totp


          Fix #24 - Limit the extensibility of classes and methods

b3bd9e7

Apply Guideline 4-5 / EXTEND-5: Limit the extensibility of classes and
methods from the Secure Coding Guidelines for Java SE
https://www.oracle.com/technetwork/java/seccodeguide-139067.html#4-5

samdjstevens added the on-hold label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment