IDS15-J. Do not allow sensitive information to leak outside a trust boundary
This rule is a stub.
Several guidelines are instances of this one, including ERR01-J. Do not allow exceptions to expose sensitive information , DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first , and DRD11. Ensure that sensitive data is kept secure .
Noncompliant Code Example
This noncompliant code example shows an example where ...
Non-compliant code
Compliant Solution
In this compliant solution, ...
Compliant code
Risk Assessment
Leaking sensitive information outside a trust boundary is not a good idea.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| IDS15-J | Medium | Likely | No | No | P6 | L2 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| The Checker Framework | 2.1.3 | Tainting Checker | Trust and security errors (see Chapter 8) |
| Security Reviewer - Static Reviewer | 6.02 | Injection04 | Full Implementation |
Bibliography
| [ Fortify 2014 ] | 1 , 2 , 3 , 4 . |
