CWE

Privilege / Sandbox Issues

ID: 265		Date: (C)2012-05-14   (M)2022-10-10
Type: category		Status: INCOMPLETE

Description

Weaknesses in this category occur with improper enforcement of sandbox environments, or the improper handling, assignment, or management of privileges.

Applicable Platforms
None

Common Consequences
None

Detection Methods
None

Potential Mitigations

Phase	Strategy	Description	Effectiveness	Notes
Architecture and Design Operation		Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and Design	Separation of Privilege	Follow the principle of least privilege when assigning access rights to entities in a software system.

Relationships
This can strongly overlap authorization errors.

Related CWE	Type	View	Chain
CWE-265 ChildOf CWE-264	Category	CWE-699

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

Taxynomy	Id	Name	Fit
PLOVER		Privilege / sandbox errors

References:
None