Java security situation deteriorates
12 deadly and intractable errors in the JAVA language about which you did not know, according to the magazine PC Week / RE of 06/19/07:
1. The ability to implement code, for example, SQL commands;
2. XSS vulnerability;
3. Disadvantages of identification management;
4. Incorrect search procedure for errors;
5. The software code used for testing falls into the final version;
6. The presence of methods that allow developers to call C / C ++ code from java-programs, which introduce security problems characteristic of C / C ++;
7. Compatibility and synchronization errors;
8. Lack of control over access to servers;
9. Disadvantages of session management;
10. Use of unchecked cookies and HTTP header packets;
11. Logging of confidential information without ensuring their safety;
12. The configuration provides unlimited access without the use of monitoring and auditing.
The article is very amused. Only the question remains: what's with JAVA? And ... I understand, below is the article: The main impetus for the transition to Vista - security.
1. The ability to implement code, for example, SQL commands;
2. XSS vulnerability;
3. Disadvantages of identification management;
4. Incorrect search procedure for errors;
5. The software code used for testing falls into the final version;
6. The presence of methods that allow developers to call C / C ++ code from java-programs, which introduce security problems characteristic of C / C ++;
7. Compatibility and synchronization errors;
8. Lack of control over access to servers;
9. Disadvantages of session management;
10. Use of unchecked cookies and HTTP header packets;
11. Logging of confidential information without ensuring their safety;
12. The configuration provides unlimited access without the use of monitoring and auditing.
The article is very amused. Only the question remains: what's with JAVA? And ... I understand, below is the article: The main impetus for the transition to Vista - security.
')
Source: https://habr.com/ru/post/11155/
All Articles