浅谈Java代码安全性暴露问题

Brief Discussion of Java Code Security Exposures

有两类攻击可能会威胁应用程序的安全性:静态威胁和动态威胁。开发人员不能完全控制动态威胁,但对于静态威胁,是可以采取一些预防措施来消除的。本文讨论的重点是可能潜伏在Java应用程序中的Java代码安全性暴露及消除静态威胁的方法。

Applications can be vulnerable to two kinds of security threats： dynamic and static. Dynamic threats are not fully under the control of the application developer; but developers can take precautions while building an application to counteract static threats. This article will focus on security exposures that might be lurking in your Java applications and the way of dispelling static threats.