Improper Link Resolution Before File Access ('Link Following')
Weakness ID: 59 (Weakness Base) | Status: Draft
Description Summary
Term | Description
---|---
insecure temporary file | Some people use the phrase "insecure temporary file" when referring to a link following weakness, but other weaknesses can produce insecure temporary files without any symlink involvement at all.
Phases: Architecture and Design; Implementation

Follow the principle of least privilege when assigning access rights to files. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
"Soft link" is a UNIX term that is synonymous with a simple shortcut on Windows-based platforms.
Windows simple shortcuts, sometimes referred to as soft links, can be exploited remotely, since a ".LNK" file can be uploaded like a normal file.
Ordinality | Description |
---|---|
Resultant | (where the weakness is typically related to the presence of some other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to
---|---|---|---|---
ChildOf | Category | 21 | Pathname Traversal and Equivalence Errors | 699: Development Concepts (primary)
ChildOf | Category | 632 | Weaknesses that Affect Files or Directories | 631: Resource-specific Weaknesses (primary)
ChildOf | Weakness Class | 706 | Use of Incorrectly-Resolved Name or Reference | 1000: Research Concepts (primary)
ChildOf | Category | 743 | CERT C Secure Coding Section 09 - Input Output (FIO) | 734: Weaknesses Addressed by the CERT C Secure Coding Standard (primary)
ChildOf | Category | 748 | CERT C Secure Coding Section 50 - POSIX (POS) | 734: Weaknesses Addressed by the CERT C Secure Coding Standard
ChildOf | Category | 808 | 2010 Top 25 - Weaknesses On the Cusp | 800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)
ParentOf | Category | 60 | UNIX Path Link Problems | 699: Development Concepts (primary)
ParentOf | Compound Element: Composite | 61 | UNIX Symbolic Link (Symlink) Following | 1000: Research Concepts (primary)
ParentOf | Weakness Variant | 62 | UNIX Hard Link | 1000: Research Concepts (primary)
ParentOf | Category | 63 | Windows Path Link Problems | 699: Development Concepts (primary)
ParentOf | Weakness Variant | 64 | Windows Shortcut Following (.LNK) | 1000: Research Concepts (primary)
ParentOf | Weakness Variant | 65 | Windows Hard Link | 1000: Research Concepts (primary)
MemberOf | View | 635 | Weaknesses Used by NVD | 635: Weaknesses Used by NVD (primary)
CanFollow | Weakness Class | 73 | External Control of File Name or Path | 1000: Research Concepts
CanFollow | Weakness Base | 363 | Race Condition Enabling Link Following | 1000: Research Concepts
Link following vulnerabilities are Multi-factor Vulnerabilities (MFV): they arise from the combination of several elements, among them file or directory permissions, filename predictability, race conditions, and in some cases a design limitation in which there is no mechanism for performing atomic file creation operations.
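Added example (not CWE's own code) of one defensive pattern in C that addresses the predictability and link factors above: open() with O_NOFOLLOW refuses a symbolic link at the final path component, an fstat() on the returned descriptor rejects hard links and non-regular files, and mkdtemp() supplies a private, unpredictable directory. The directory template, file names and the constructed symlink scenario in the demo function are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` for writing without following a symbolic link at the final
 * component: O_NOFOLLOW makes open() fail (ELOOP on Linux) when `path`
 * itself is a symlink, so a link planted by another user is never used.
 * Then fstat() the descriptor and reject hard links (st_nlink > 1) and
 * anything that is not a regular file. Returns the fd, or -1 on refusal. */
int open_nofollow_regular(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink > 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed demonstration (assumed names): build a private directory with
 * mkdtemp(), plant a symlink "report.txt" -> "victim" (the predictable-name
 * scenario the entry describes), and check that the guarded open refuses
 * the link while a plain regular file is accepted. Returns 1 if both hold. */
int demo_link_following_guard(void) {
    char dir[] = "/tmp/cwe59-demo-XXXXXX";
    if (mkdtemp(dir) == NULL) return 0;
    char victim[64], lnk[64], plain[64];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/report.txt", dir);
    snprintf(plain, sizeof plain, "%s/plain.txt", dir);
    int v = open(victim, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
    if (v < 0) return 0;
    close(v);
    if (symlink(victim, lnk) != 0) return 0;
    /* An unguarded fopen(lnk, "w") would follow the link into `victim`. */
    int ok = (open_nofollow_regular(lnk) == -1);
    int fd = open_nofollow_regular(plain);
    if (fd < 0) ok = 0; else close(fd);
    unlink(lnk); unlink(victim); unlink(plain); rmdir(dir);
    return ok;
}
```

The fstat() check closes the hard-link case (CWE-62/65) that O_NOFOLLOW alone does not cover, since a hard link is not a symlink and is opened as the target itself.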
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name
---|---|---|---
PLOVER | | | Link Following
CERT C Secure Coding | FIO02-C | | Canonicalize path names originating from untrusted sources
CERT C Secure Coding | POS01-C | | Check for the existence of links when dealing with files
Submissions

Submission Date | Submitter | Organization | Source
---|---|---|---
| | PLOVER | | Externally Mined |

Modifications

Modification Date | Modifier | Organization | Source | Changes
---|---|---|---|---
2008-07-01 | Eric Dalci | Cigital | External | updated Time of Introduction
2008-09-08 | CWE Content Team | MITRE | Internal | updated Alternate Terms, Applicable Platforms, Relationships, Other Notes, Relationship Notes, Taxonomy Mappings, Weakness Ordinalities
2008-11-24 | CWE Content Team | MITRE | Internal | updated Relationships, Taxonomy Mappings
2009-01-12 | CWE Content Team | MITRE | Internal | updated Relationships
2009-05-27 | CWE Content Team | MITRE | Internal | updated Description, Name
2009-10-29 | CWE Content Team | MITRE | Internal | updated Background Details, Other Notes

Previous Entry Names

Change Date | Previous Entry Name
---|---
2008-04-11 | Link Following
2009-05-27 | Failure to Resolve Links Before File Access (aka 'Link Following')