aspose file tools*
The moose likes Security and the fly likes Questions for the authors of Java Coding GuideLines: Is the First Example secure Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Questions for the authors of Java Coding GuideLines: Is the First Example secure" Watch "Questions for the authors of Java Coding GuideLines: Is the First Example secure" New topic
Author

Questions for the authors of Java Coding GuideLines: Is the First Example secure

Sean Sell
Greenhorn

Joined: Dec 12, 2006
Posts: 9
Gentleman, I realize that the question and answer period is over but I hope you are still around to enterain an additional question. I went out and purchased your book which arrived yesterday and it seems to me that the very first example violates the pricipal you are trying to demonstrate "Limit the Lifetime of Sensitive Data". Your "compliant solution" throws a security exception prior to clearing the password entered by the user. While your assumption may be that the password entered is not valid, in an actual authentication process many other things could prevent the authentication from happening which would result in the valid password potentially being left in memory. The most disturbing would be a denial of service attack against the authentication source in order to exploit this created vulnerability.

Is there some other protection afforded here that I am not concidering, I don't believe that garbage collection is immediate after an exception or that the Console.readPassword() method would help in this situation.

I'm hopeful that the rest of the book is valuable and the examples don't create exposures that I cannot pickup.

--Sean Sell
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Questions for the authors of Java Coding GuideLines: Is the First Example secure