CWE-363 允许符号链接跟随的竞争条件

Race Condition Enabling Link Following

结构: Simple

Abstraction: Base

状态: Draft

被利用可能性: unkown

基本描述

The software checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the access is performed, causing the software to access the wrong file.

扩展描述

While developers might expect that there is a very narrow time window between the time of check and time of use, there is still a race condition. An attacker could cause the software to slow down (e.g. with memory consumption), causing the time window to become larger. Alternately, in some situations, the attacker could win the race by performing a large number of attacks.

相关缺陷

• cwe_Nature: ChildOf cwe_CWE_ID: 367 cwe_View_ID: 1000 cwe_Ordinal: Primary

• cwe_Nature: ChildOf cwe_CWE_ID: 367 cwe_View_ID: 699 cwe_Ordinal: Primary

• cwe_Nature: CanPrecede cwe_CWE_ID: 59 cwe_View_ID: 1000

适用平台

Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}

常见的影响

示例代码

例

This code prints the contents of a file if a user has permission.

bad PHP

This code attempts to resolve symbolic links before checking the file and printing its contents. However, an attacker may be able to change the file from a real file to a symbolic link between the calls to is_link() and file_get_contents(), allowing the reading of arbitrary files. Note that this code fails to log the attempted access (CWE-778).

Notes

分类映射

相关攻击模式

• CAPEC-26

引用

• REF-62 The Art of Software Security Assessment

文章来源于互联网:scap中文网