SV.CLEXT.POLICY
Code inspection rule. SV.CLEXT.POLICY occurs when a class extends java.security.Policy.
Vulnerability and risk
Allowing implementations of 'java.security.Policy' could lead to a security and/or permissions breach.
Klocwork security vulnerability (SV) checkers identify calls that create potentially dangerous data; these calls are considered unsafe sources. An unsafe source can be any data provided by the user, since the user could be an attacker or has the potential for introducing human error.
Mitigation and prevention
Avoid extending java.security.Policy.
Example 1
Copy
class MyPolicy extends Policy {
// example end
public PermissionCollection getPermissions(CodeSource codesource) {
return null;
}
public void refresh() {
}
}
SV.CLEXT.POLICY is reported for class declaration on line 13: Class 'com.klocwork.jdefects.checkers.ast.samples.SV_CLEXT_POLICY_Sample_1$MyPolicy' extends 'java.security.Policy'.