mirror of
https://github.com/github/codeql.git
synced 2026-02-08 19:21:07 +01:00
37 lines
819 B
XML
37 lines
819 B
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
|
|
|
|
<overview>
|
|
<p>
|
|
The Enterprise JavaBeans 3.0 core specification, Section 21.1.2, states:
|
|
</p>
|
|
|
|
<blockquote>
|
|
<p>
|
|
The enterprise bean must not attempt to set the socket factory used by ServerSocket, Socket, or
|
|
the stream handler factory used by URL.
|
|
</p>
|
|
<p>
|
|
These networking functions are reserved for the EJB container. Allowing the enterprise bean to use
|
|
these functions could compromise security and decrease the container's ability to properly manage the
|
|
runtime environment.
|
|
</p>
|
|
</blockquote>
|
|
|
|
</overview>
|
|
<references>
|
|
|
|
|
|
<li>
|
|
<a href="http://jcp.org/aboutJava/communityprocess/final/jsr220/index.html">
|
|
JSR-220 Enterprise JavaBeans 3.0 Final Release</a> (ejbcore),
|
|
Section 21.1.2 Programming Restrictions
|
|
</li>
|
|
|
|
|
|
</references>
|
|
</qhelp>
|