Insecure Inherited Permissions |
Weakness ID: 277 (Weakness Variant) | Status: Draft |
Description Summary
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
Reference | Description |
---|---|
CVE-2005-1841 | User's umask is used when creating temp files. |
CVE-2002-1786 | Insecure umask for core dumps [is the umask preserved or assigned?]. |
Very carefully manage the setting, management and handling of permissions. Explicitly manage trust zones in the software. |
Phase: Architecture and Design Ensure that appropriate compartmentalization is built into the system design and that the compartmentalization serves to allow for and further reinforce privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide when it is appropriate to use and to drop system privileges. |
Nature | Type | ID | Name | View(s) this relationship pertains to![]() |
---|---|---|---|---|
ChildOf | ![]() | 275 | Permission Issues | Development Concepts (primary)699 |
ChildOf | ![]() | 732 | Incorrect Permission Assignment for Critical Resource | Research Concepts (primary)1000 |