java intellij-idea inspection

IntelliJ IDEA: Can I specify which class is in "secure context"


The "Cloneable class in secure context" inspection triggers if a class implements Cloneable. The name of the inspection implies that it is only applied to classes which are in a "secure context".

How does IntelliJ decide if a class is in a secure context?

How do I tell IntelliJ whether a class is in a secure context or not?


Solution

  • You are only supposed to run the inspection on the "secure context" (by using a scope). Perhaps the description of this inspection could be improved. See here for more explanation:
    - https://www.securecoding.cert.org/confluence/display/java/OBJ07-J.+Sensitive+classes+must+not+let+themselves+be+copied
    - http://cwe.mitre.org/data/definitions/498.html
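
The copying problem that the linked OBJ07-J rule and CWE-498 describe, shown as an added Java example (not code from the answer or from IntelliJ): a non-final sensitive class next to a form that declares a final `clone()` which always throws. All class names are hypothetical and the secret values are constructed.

```java
public class CloneInSecureContext {
    // Unprotected form: non-final, clone() is simply inherited from Object.
    static class Token {
        static int constructorRuns = 0;
        private final char[] secret;
        Token(char[] secret) {
            constructorRuns++; // stands in for a constructor-time security check
            this.secret = secret;
        }
        boolean sharesSecretWith(Token other) { return secret == other.secret; }
    }

    // A subclass can opt in to cloning; the copy is made without any constructor.
    static class CopyableToken extends Token implements Cloneable {
        CopyableToken(char[] s) { super(s); }
        @Override public CopyableToken clone() throws CloneNotSupportedException {
            return (CopyableToken) super.clone();
        }
    }

    // Hardened form: a final clone() that always throws, so no subclass can copy it.
    static class SealedToken {
        private final char[] secret;
        SealedToken(char[] secret) { this.secret = secret; }
        @Override protected final Object clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException("SealedToken must not be copied");
        }
    }

    static class CopyableSealed extends SealedToken implements Cloneable {
        CopyableSealed(char[] s) { super(s); }
        Object tryCopy() throws CloneNotSupportedException { return clone(); }
    }

    public static void main(String[] args) throws Exception {
        CopyableToken a = new CopyableToken("constructed-sample".toCharArray());
        CopyableToken b = a.clone();
        System.out.println("second instance exists: " + (a != b));
        System.out.println("constructor runs: " + Token.constructorRuns);
        System.out.println("secret array shared: " + a.sharesSecretWith(b));
        try {
            new CopyableSealed("constructed-sample".toCharArray()).tryCopy();
        } catch (CloneNotSupportedException e) {
            System.out.println("copy blocked: " + e.getMessage());
        }
    }
}
```

Declaring the sensitive class `final` closes the same gap, because no subclass can then add `Cloneable`.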