Security code review

The Security code review consists of rules that detect code that is noncompliant with Java™ security standards.

Purpose

The Security code review applies rules to detect code that is noncompliant with Java security standards in J2EE and J2SE perspectives. This code review takes less time to run, because it does not require in-depth code analysis.

Rule categories

The following table lists the category and subcategories in the Security code review, along with a description of the rules in each one. In the left column, categories are in bold text and subcategories are in plain text.

Category or subcategory | Description
Security | Contains rules that validate compliance with Java security standards
J2EE Security | Contains rules that validate compliance with Java security standards in a J2EE application
J2SE Security | Contains rules that validate compliance with Java security standards in a J2SE application

Sample rule

The following rule is one example of the rules applied in the Security code review. It is in the J2SE subcategory:
Avoid protected native methods
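
The sample rule, shown as an added example (not the product's own rule implementation or sample code): a protected native method can be called directly from any subclass, so the usual fix is a private native method behind a validating wrapper. The class names RawBuffer and CheckedBuffer and the reflection-based check findProtectedNatives are constructed for illustration.

```java
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.List;

public class ProtectedNativeCheck {

    // Constructed sample, noncompliant: any subclass, in any package, can call
    // the native code directly with arguments that were never validated.
    static class RawBuffer {
        protected native void copy(byte[] src, int offset, int length);
    }

    // Constructed sample, compliant: the native method is private and reachable
    // only through a final wrapper that validates its arguments first.
    static class CheckedBuffer {
        private native void copy0(byte[] src, int offset, int length);

        public final void copy(byte[] src, int offset, int length) {
            if (src == null || offset < 0 || length < 0 || length > src.length - offset) {
                throw new IllegalArgumentException("invalid range");
            }
            copy0(src.clone(), offset, length); // defensive copy before entering native code
        }
    }

    // Returns the methods declared by cls that are both protected and native.
    static List<String> findProtectedNatives(Class<?> cls) {
        List<String> hits = new ArrayList<>();
        for (Method m : cls.getDeclaredMethods()) {
            int mod = m.getModifiers();
            if (Modifier.isNative(mod) && Modifier.isProtected(mod)) {
                hits.add(cls.getSimpleName() + "." + m.getName());
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        // No native library is loaded; the methods are inspected, never invoked.
        for (Class<?> c : new Class<?>[] { RawBuffer.class, CheckedBuffer.class }) {
            List<String> hits = findProtectedNatives(c);
            System.out.println(c.getSimpleName() + ": "
                    + (hits.isEmpty() ? "compliant" : "noncompliant " + hits));
        }
    }
}
```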
(C) Copyright IBM Corporation 2000, 2005. All Rights Reserved.