Question 8
Your organization makes mlib.jar available to your cloud customers.
While working on a new feature for mlib.jar, you see that the customer visible method public void enableService(String hostName, String portNumber) executes this code fragment and you see this grant is in the security policy file:
What security vulnerability does this expose to your cloud customer's code?
privilege escalation attack against the OS running the customer code
SQL injection attack against the specified host and port
XML injection attack against any mlib server
none because the customer code base must also be granted SocketPermission
denial of service attack against any reachable machine
Correct answer: B