SEI CERT Oracle Secure Coding Standard for Java - Guidelines 15. Platform Security (SEC)
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the rules and recommendations in the Platform Security (SEC) section of the SEI CERT Oracle Secure Coding Standard for Java.
Weaknesses
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
Concepts
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommen...
See Also
- SEI CERT Oracle Coding Standard for Java : Rule 15. Platform Security (SEC)
The Software Engineering Institute
- SEI CERT Oracle Coding Standard for Java : Rec 15. Platform Security (SEC)
The Software Engineering Institute
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.