CWE-487: Reliance on Package-level Scope
Description
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.
Submission Date :
July 19, 2006, midnight
Modification Date :
2023-06-29 00:00:00+00:00
Organization :
MITRE
Extended Description
The purpose of package scope is to prevent accidental access by other parts of a program. This is an ease-of-software-development feature but not a security feature.
Example - 1
The following example demonstrates the weakness.
return ...;public final Static String youAreHidingThisFunction(functionToIntegrate){}package math;public class Lebesgue implements Integration{}
Related Weaknesses
This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.
Visit http://cwe.mitre.org/ for more details.