This paper mainly discusses the security problem of OO languages caused by
the introduction of the nested class mechanism. Firstly, by analyzing vario
us cases concerning about nested classes instances and their owner objects
in detail, we illustrate the invalid owner problem arising from the differe
nce between the lifetime of nested class instances and their owner objects.
Then a solution to solve this problem is presented. Finally, a conclusion
is drawn that the nested class mechanism should be suitable for the languag
es in which user defined classes are only used to declare dynamically creat
ed objects and which have garbage collection support, such as Java, not for
the languages in which classes are allowed to declare static objects or lo
cal objects and which have no garbage collection support, such as C++.