The Object.clone method poses a security risk when a subclass enables cloning. It allows superclass fields to be shared by multiple instances when they might not be sharable. Consider thread-safety, for example.
One possible solution: The clone method should be denied as if a checked deny action was defined for it. If the object isn't an instance of Cloneable, then allow the operation because it cannot call the default clone implementation. If all superclasses (other than Object) are defined in the caller module, or if the clone method isn't the default Object.clone method, then allow the operation.
The
Object.clonemethod poses a security risk when a subclass enables cloning. It allows superclass fields to be shared by multiple instances when they might not be sharable. Consider thread-safety, for example.One possible solution: The
clonemethod should be denied as if a checked deny action was defined for it. If the object isn't an instance ofCloneable, then allow the operation because it cannot call the default clone implementation. If all superclasses (other than Object) are defined in the caller module, or if the clone method isn't the defaultObject.clonemethod, then allow the operation.