Description
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
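The pattern described above, as an added example that is not part of the original entry: a C routine that performs the privileged chroot() and then permanently drops root before any other work is done. The function name chroot_and_drop, the jail path /var/empty and the uid/gid 65534 are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE   /* exposes chroot() and setgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: enter the jail, then permanently drop root.
 * Returns 0 on success, -1 on any failure; the caller must exit on -1. */
int chroot_and_drop(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) {      /* dropping "to root" is not a drop */
        errno = EINVAL;
        return -1;
    }
    if (chroot(jail) != 0)           /* the one call that needs privilege */
        return -1;
    if (chdir("/") != 0)             /* leave no working directory outside the jail */
        return -1;
    /* Order matters: groups and gid first, while we may still change them. */
    if (setgroups(0, NULL) != 0)     /* clear supplementary groups */
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)            /* as root: sets real, effective and saved uid */
        return -1;
    /* Verify the ids changed and that root cannot be regained. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample values: jail path and unprivileged ids. */
    if (chroot_and_drop("/var/empty", 65534, 65534) != 0) {
        perror("chroot_and_drop");
        return 1;   /* never continue while still holding elevated privilege */
    }
    /* ... handle untrusted input here, unprivileged ... */
    return 0;
}
```

Checking every return value matters here: a failed setuid() or setgid() that goes unnoticed leaves the process running as root inside the jail.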
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Access Control, Confidentiality: Gain Privileges or Assume Identity, Read Application Data, Read Files or Directories
An attacker may be able to access resources with the elevated privilege that could not be accessed with the attacker’s original privileges. This is particularly likely in conjunction with another flaw, such as a buffer overflow.
Potential Mitigations
Phase: Architecture and Design, Operation
Description:
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design
Description:
Follow the principle of least privilege when assigning access rights to entities in a software system.
Phase: Architecture and Design
Description: