Permission Race Condition During Resource Copy
|ID: 689||Date: (C)2012-05-14 (M)2012-11-08|
|Type: compound element||Status: DRAFT|
|Abstraction Type: Base|
The product, while copying or cloning a resource, does not set
the resource's permissions or access control until the copy is complete, leaving
the resource exposed to other spheres while the copy is taking
Applicable PlatformsLanguage: CLanguage: Perl
Time Of Introduction
Related Attack Patterns
|ConfidentialityIntegrity ||Read application
data || |
|CWE-689 Requires CWE-732 ||Weakness ||CWE-1000 || |
- CVE-2002-0760 : Archive extractor decompresses files with world-readable permissions, then later sets permissions to what the archive specified.
- CVE-2005-2174 : Product inserts a new object into database before setting the object's permissions, introducing a race condition.
- CVE-2006-5214 : error file has weak permissions before a chmod is performed.
- CVE-2005-2475 : Archive permissions issue using hard link.
- CVE-2003-0265 : database product creates files world-writable before initializing the setuid bits, leading to modification of executables.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
- Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 9, "Permission Races", Page 533.'. Published on 2006.