UNIX Hard Link |
Weakness ID: 62 (Weakness Variant) | Status: Incomplete |
Description Summary
Extended Description
Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. /etc/passwd). When the process opens the file, the attacker can assume the privileges of that process.
Reference | Description |
---|---|
CVE-2001-1494 | Hard link attack, file overwrite; interesting because program checks against soft links |
CVE-2002-0793 | |
CVE-2003-0578 | |
CVE-1999-0783 | |
CVE-2004-1603 | |
CVE-2004-1901 | |
CVE-2005-1111 | Hard link race condition |
BUGTRAQ:20030203 ASA-0001 | OpenBSD chpass/chfn/chsh file content leak |
Follow the principle of least privilege when assigning access rights to files. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted. |
Ordinality | Description |
---|---|
Resultant | (where the weakness is typically related to the presence of some other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Base | 59 | Improper Link Resolution Before File Access ('Link Following') | Research Concepts (primary)1000 |
ChildOf | Category | 60 | UNIX Path Link Problems | Resource-specific Weaknesses (primary)631 Development Concepts (primary)699 |
ChildOf | Category | 743 | CERT C Secure Coding Section 09 - Input Output (FIO) | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
PeerOf | Weakness Variant | 71 | Apple '.DS_Store' | Research Concepts1000 |
Under-studied. It is likely that programs that check for symbolic links could be vulnerable to hard links. |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | UNIX hard link | ||
CERT C Secure Coding | FIO05-C | Identify files using multiple file attributes |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Applicable Platforms, Relationships, Taxonomy Mappings, Weakness Ordinalities | ||||
2008-10-14 | CWE Content Team | MITRE | Internal | |
updated Description | ||||
2008-11-24 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings |