Permission Race Condition During Resource Copy
Compound Element ID: 689 (Compound Element Base: Composite)Status: Draft
+ Description

Description Summary

The product, while copying or cloning a resource, does not set the resource's permissions or access control until the copy is complete, leaving the resource exposed to other spheres while the copy is taking place.
+ Time of Introduction
  • Implementation
+ Applicable Platforms




+ Observed Examples
CVE-2002-0760Archive extractor decompresses files with world-readable permissions, then later sets permissions to what the archive specified.
CVE-2005-2174Product inserts a new object into database before setting the object's permissions, introducing a race condition.
CVE-2006-5214error file has weak permissions before a chmod is performed.
CVE-2005-2475Archive permissions issue using hard link.
CVE-2003-0265database product creates files world-writable before initializing the setuid bits, leading to modification of executables.
+ Other Notes

This is a general issue, although few subtypes are currently known. The most common examples occur in file archive extraction, in which the product begins the extraction with insecure default permissions, then only sets the final permissions (as specified in the archive) once the copy is complete. The larger the archive, the larger the timing window for the race condition. This weakness has also occurred in some operating system utilities that perform copies of deeply nested directories containing a large number of files.

+ Weakness Ordinalities
(where the weakness exists independent of other weaknesses)
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
RequiresWeakness ClassWeakness Class362Race Condition
Research Concepts1000
RequiresWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Research Concepts1000
ChildOfCategoryCategory275Permission Issues
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class668Exposure of Resource to Wrong Sphere
Research Concepts (primary)1000
+ Research Gaps

Under-studied. It seems likely that this weakness could occur in any situation in which a complex or large copy operation occurs, when the resource can be made available to other spheres as soon as it is created, but before its initialization is complete.

+ Related Attack Patterns
CAPEC-IDAttack Pattern Name
(CAPEC Version: 1.4)
26Leveraging Race Conditions
27Leveraging Race Conditions via Symbolic Links
+ Content History
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Relationships, Other Notes, Weakness Ordinalities
2009-03-10CWE Content TeamMITREInternal
updated Related Attack Patterns