Difference between revisions of "OWASP Periodic Table of Vulnerabilities - Improper Filesystem Permissions"

From OWASP
Jump to: navigation, search
(Created page with "Return to Periodic Table Working View === Improper Filesystem Permissions === == Root Cause Sum...")
 
 
(2 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
== Root Cause Summary ==   
 
== Root Cause Summary ==   
  
The root cause of improper filesystem permissions is having incorrect filesystem permissions such as read, write, modify, or execute set on files, folders, and symbolic links. These improper permissions allow the attacker to access restricted files or directories and modify or delete their contents
+
The root cause of improper filesystem permissions is having incorrect filesystem permissions such as read, write, modify, or execute set on files, folders, and symbolic links. These improper permissions allow the attacker to access restricted files or directories and modify or delete their contents.
  
 
== Browser / Standards Solution ==   
 
== Browser / Standards Solution ==   
Line 33: Line 33:
  
 
== References ==   
 
== References ==   
[http://projects.webappsec.org/w/page/13246932/Improper%20Filesystem%20Permissions WASC - Improper Filesystem Permissions]
 
  
[http://capec.mitre.org/data/definitions/350.html CAPEC-350: DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions]
+
[http://projects.webappsec.org/w/page/13246932/Improper%20Filesystem%20Permissions WASC - Improper Filesystem Permissions]
 +
 
 +
[http://capec.mitre.org/data/definitions/350.html CAPEC-350: DEPRECATED: WASC Threat Classification 2.0]

Latest revision as of 13:29, 21 July 2013

Return to Periodic Table Working View

Improper Filesystem Permissions

Root Cause Summary

The root cause of improper filesystem permissions is having incorrect filesystem permissions such as read, write, modify, or execute set on files, folders, and symbolic links. These improper permissions allow the attacker to access restricted files or directories and modify or delete their contents.

Browser / Standards Solution

None

Perimeter Solution

Ensure that proper file and directory permissions are applied. Enforce stricter default permissions.

Generic Framework Solution

None

Custom Framework Solution

None

Custom Code Solution

None

Discussion / Controversy

None

References

WASC - Improper Filesystem Permissions

CAPEC-350: DEPRECATED: WASC Threat Classification 2.0