LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Development page

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Is your Java code secure -- or exposed? (IBM developerWorks)

[Posted July 17, 2002 by cook]

IBM's developerWorks has an article about dealing with static security vulnerabilities in Java web applications. "Applications can be vulnerable to two kinds of security threats: static and dynamic. While dynamic threats are not fully under a developer's control, there are precautions you can take to counteract static threats while developing an application. This article outlines and explains 13 types of static exposures -- flaws in a system that leave it open to an attacker who wants to usurp privileges on that system. You'll learn how to deal with these exposures and discover the impact they can have if they are not addressed."
(Log in to post comments)

Is your Java code secure -- or exposed? (IBM developerWorks)

Posted Jul 19, 2002 23:29 UTC (Fri) by scripter (subscriber, #2654) [Link]

The IBM DeveloperWorks article has "disappeared". This article is probably the original (perhaps it was partially plagarized?):

http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules_p.html

Here is the Google cache of the IBM developerworks article:

http://216.239.51.100/search?q=cache:1GVMH_HRx5sJ:www-106.ibm.com/developerworks/java/library/j-staticsec.html%3Floc%3Ddwmain

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds