GitHub
CERT Secure Coding

SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0

This page was automatically generated and should not be edited.

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

CERT RuleRelated Guidelines
IDS04-JGuideline 1-1 / DOS-1: Beware of activities that may use disproportionate resources
OBJ01-JGuideline 6-8 / MUTABLE-8: Define wrapper methods around modifiable internal state
OBJ02-JGuideline 4-6 / EXTEND-6: Understand how a superclass can affect subclass behavior
OBJ04-JGuideline 6-4 / MUTABLE-4: Support copy functionality for a mutable class
OBJ06-JGuideline 6-2 / MUTABLE-2: Create copies of mutable output values
OBJ10-JGuideline 6-10 / MUTABLE-10: Ensure public static final field values are constants
OBJ11-JGuideline 4-5 / EXTEND-5: Limit the extensibility of classes and methods
OBJ11-JGuideline 7-3 / OBJECT-3: Defend against partially initialized instances of non-final classes
MET04-JGuideline 4-1 / EXTEND-1: Limit the accessibility of classes, interfaces, methods, and fields
MET05-JGuideline 7-4 / OBJECT-4: Prevent constructors from calling methods that can be overridden
SER03-JGuideline 8-2 / SERIAL-2: Guard sensitive data during serialization
SER04-JGuideline 8-4 / SERIAL-4: Duplicate the SecurityManager checks enforced in a class during serialization and deserialization
SER07-JGuideline 8-3 / SERIAL-3: View deserialization the same as object construction
SER09-JGuideline 7-4 / OBJECT-4: Prevent constructors from calling methods that can be overridden
SEC00-JGuideline 9-3 / ACCESS-3: Safely invoke java.security.AccessController.doPrivileged
SEC01-JGuideline 9-3 / ACCESS-3: Safely invoke java.security.AccessController.doPrivileged
SEC05-JGuideline 9-10 / ACCESS-10: Be aware of standard APIs that perform Java language access checks against the immediate caller
JNI00-JGuideline 5-3 / INPUT-3: Define wrappers around native methods
OBJ58-JGuideline 4-5 / EXTEND-5: Limit the extensibility of classes and methods