Read Time:24 Second
Description
The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality, Integrity, Access Control: Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism
Potential Mitigations
Phase: Implementation
Description:
Use umask() with the correct argument.
Phase: Testing
Description:
If you suspect misuse of umask(), you can use grep to spot call instances of umask().