Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security SecProg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Java Inner Classes Insecure?

from [Craig E. Ward] Network Security [Permanent Link]
Subject: Java Inner Classes Insecure?
Date: Wed, 24 Nov 2004 10:33:46 -0800
If the list needs something to talk about, I have a question about Java and inner classes. (Back in 2000 there was a Security Focus thread on this topic, but things may have changed.)

Some of the security guidelines contain an item that inner classes (or at least public, non-static inner classes) are to be avoided. The alleged problem is that a Java compiler has to change the access modifiers of any members accessed by the inner class because the JVM can't treat an inner class any differently from a regular class. A private member will be recast into package scope, that is, what a class as marked as private becomes accessible to any class in the package.

As far as I can tell, this item comes from a set of guidelines written by Gary McGraw and Edward Felten back in 1998. (http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules_p.html) I don't have a Java 1.1 compiler to experiment with, but the Java 1.4 compilers (Sun's javac and IBM's jikes) do not seem to actually change the access specifier, according to javap.)

What these compilers do is add new static access methods that the inner classes can call to do things with the private members of the outer class. The inner class gets an extra member that is a reference to the outer class so it knows which instance of the outer class it belongs to.

The counter argument asserts that what this really shows is that the Java language is treating all class members orthogonally, which is a good thing. A class member is a class member. (In C++, inner classes do not get this access to the outer class automatically. This is an indicator that C++ is less orthogonal in its treatment of class members and this is a weakness in the language.)

Although I haven't actually made it work, it seems to me that calls to these access methods used by the inner classes could be inserted into third party classes. Does anyone know of a case where this has been done? Are the problems with inner classes historical or do they still exist?

Craig
--
Internet: cew@ACM.ORG
"There are 10 kinds of people in the world: Those who understand binary and those who don't."

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: .Net and security, Michael Silk
Next by Date:  Re: Is this list still active?, Casper . Dik
Previous by Thread:  .Net and security, Damhuis Anton
Next by Thread:  Re: Java Inner Classes Insecure?, Steffen Dettmer
Indexes:  [Date] [Thread] [Top] [All Lists]