Poor Logging Practice

From OWASP
Revision as of 10:53, 21 July 2006 by Weilin Zhong (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


This article includes content generously donated to OWASP by Fortify.JPG.

Abstract

Declare loggers to be static and final.

Description

It is good programming practice to share a single logger object between all of the instances of a particular class and to use the same logger for the duration of the program.

Examples

The following statement errantly declares a non-static logger.

	private final Logger logger =     
				Logger.getLogger(MyClass.class);

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories