java 2 3

fdsa


File Details

Flashcards 496
Language German
Category Computer Science
Level Other
Created / Updated 06.12.2020 / 24.01.2021
License Not specified
Web link
https://card2brain.ch/box/20201206_java_2_3

What is the "principle of least privilege"?

Limiting access as much as possible 

What is the problem here? How to fix?

public class GrasshopperCage {
  public static void openLock(ComboLocks comboLocks, String combo) {
    if (comboLocks.isComboValid("grasshopper", combo)) System.out.println("open");
  }
}

An attacker could override the method isComboValid and pass it to openLock (fix it with a final class), e.g.:

@Override
public boolean isComboValid(String animal, String combo) {
  var valid = super.isComboValid(animal, combo);
  if (valid) {
    // email the password to somebody
  }
  return valid;
}

Is this an immutable object?

import java.util.ArrayList;
import java.util.List;

public final class Animal {
  private final ArrayList<String> favoriteFoods;

  public Animal() {
    this.favoriteFoods = new ArrayList<String>();
    this.favoriteFoods.add("Apples");
  }

  // Returns the internal list itself, not a copy
  public List<String> getFavoriteFoods() {
    return favoriteFoods;
  }
}

No, the returned list can be modified. Better to implement methods for getting properties, e.g.:

public String getFavoriteFoodsElement(int index) {
  return favoriteFoods.get(index);
}

What is a copy constructor?

E.g.:

public Animal(List<String> favoriteFoods) {
  if (favoriteFoods == null) throw new RuntimeException("..");
  // Copy the caller's list instead of keeping a reference to it
  this.favoriteFoods = new ArrayList<String>(favoriteFoods);
}

What is a defensive copy?

E.g. the copy operation

Does the clone() method copy shallow or deep?

Shallow by default

What happens if clone() is called on an object which doesn't implement Cloneable?

It throws an exception

What can be considered as untrusted data?

E.g. user input, reading from files, retrieving data from databases. Any data that did not originate from your program