SECURITY.INNER

Do not use inner classes

Description

This rule flags code that uses inner classes.

In Java, it is possible to define inner classes (classes nested inside other classes). Some Java language books say that inner classes can only be accessed by the outer classes that enclose them, but this is false. Java byte code has no concept of inner classes, only regular classes. Consequently, the compiler translates inner classes into ordinary classes that happen to be accessible to any code in the same package.

An inner class can access private variables of the containing class. Because the Java protection mechanism does not let you restrict access to single classes, it must grant access to the entire package. Fortunately, the only variables that are exposed in such a way are those actually used by an inner class.

In addition, a distinction is made between variables that are read by an inner class and those that are written. If an inner class reads a variable, any class in the package can then read that variable. If an inner class writes to a variable, so can any other class in the package.

Example

 package SECURITY;
 > 
 public class INNER {
     class INNER_Class {  // violation
     }
 }

Repair

Do not use an inner class unless it is private.

Reference

Viaga, J., McGraw,G., Mutsdoch,T, Felten, E.. "Statically Scanning Java Code: Finding Security Vulnerabilities." IEEE Software, September/October 2000.