This rule is a stub.
Several guidelines are instances of this one, including ERR01-J. Do not allow exceptions to expose sensitive information, DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first, and DRD11. Ensure that sensitive data is kept secure.
Noncompliant Code Example
This noncompliant code example shows an example where ...
| Code Block | ||
|---|---|---|
| ||
Compliant Solution
In this compliant solution, ...
| Code Block | ||
|---|---|---|
| ||
Risk Assessment
Leaking sensitive information outside a trust boundary is not a good idea.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
IDS15-J | Medium | Likely | High | P6 | L2 |
Automated Detection
TBD| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| The Checker Framework |
| Tainting Checker | Trust and security errors (see Chapter 8) |
Bibliography
| [Fortify 2014] | 1, 2, 3, 4. |