CWE-560 在chmod类型参数中使用umask()
Use of umask() with chmod-style Argument
结构: Simple
Abstraction: Variant
状态: Draft
被利用可能性: unkown
基本描述
The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().
相关缺陷
- cwe_Nature: ChildOf cwe_CWE_ID: 687 cwe_View_ID: 1000 cwe_Ordinal: Primary
适用平台
Language: {'cwe_Name': 'C', 'cwe_Prevalence': 'Undetermined'}
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| ['Confidentiality', 'Integrity', 'Access Control'] | ['Read Files or Directories', 'Modify Files or Directories', 'Bypass Protection Mechanism'] |
可能的缓解方案
Implementation
策略:
Use umask() with the correct argument.
Testing
策略:
If you suspect misuse of umask(), you can use grep to spot call instances of umask().