Incorrect Default Permissions| ID: 276 | Date: (C)2012-05-14 (M)2022-10-10 |
| Type: weakness | Status: DRAFT |
| Abstraction Type: Variant |
Description
The software, upon installation, sets incorrect permissions for
an object that exposes it to an unintended actor.
Likelihood of Exploit: Medium
Applicable PlatformsLanguage Class: All
Time Of Introduction
- Architecture and Design
- Implementation
- Installation
- Operation
Related Attack Patterns
Common Consequences
| Scope | Technical Impact | Notes |
|---|
| ConfidentialityIntegrity | Read application
dataModify application
data | |
Detection MethodsNone
Potential Mitigations
| Phase | Strategy | Description | Effectiveness | Notes |
|---|
| Architecture and DesignOperation | | Very carefully manage the setting, management, and handling of
privileges. Explicitly manage trust zones in the software. | | |
| Architecture and Design | Separation of Privilege | Compartmentalize the system to have "safe" areas where trust
boundaries can be unambiguously drawn. Do not allow sensitive data to go
outside of the trust boundary and always be careful when interfacing
with a compartment outside of the safe area.Ensure that appropriate compartmentalization is built into the system
design and that the compartmentalization serves to allow for and further
reinforce privilege separation functionality. Architects and designers
should rely on the principle of least privilege to decide when it is
appropriate to use and to drop system privileges. | | |
Relationships
| Related CWE | Type | View | Chain |
|---|
| CWE-276 ChildOf CWE-899 | Category | CWE-888 | |
Demonstrative ExamplesNone
Observed Examples
- CVE-2005-1941 : Executables installed world-writable.
- CVE-2002-1713 : Home directories installed world-readable.
- CVE-2001-1550 : World-writable log files allow information loss; world-readable file has cleartext passwords.
- CVE-2002-1711 : World-readable directory.
- CVE-2002-1844 : Windows product uses insecure permissions when installing on Solaris (genesis: port error).
- CVE-2001-0497 : Insecure permissions for a shared secret key file. Overlaps cryptographic problem.
- CVE-1999-0426 : Default permissions of a device allow IP spoofing.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
| Taxynomy | Id | Name | Fit |
|---|
| PLOVER | | Insecure Default Permissions | |
| CERT C Secure Coding | FIO06-C | Create files with appropriate access
permissions | |
| CERT Java Secure Coding | FIO01-J | Create files with appropriate access
permission | |
| CERT C++ Secure Coding | FIO06-CPP | Create files with appropriate access
permissions | |
References:
- Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 3, "Insecure Defaults", Page 69.'. Published on 2006.
