This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Periodic Table of Vulnerabilities - Improper Filesystem Permissions"
David Fern (talk | contribs) (Created page with "Return to Periodic Table Working View === Improper Filesystem Permissions === == Root Cause Sum...") |
David Fern (talk | contribs) |
||
Line 33: | Line 33: | ||
== References == | == References == | ||
− | |||
− | + | [http://projects.webappsec.org/w/page/13246932/Improper%20Filesystem%20Permissions WASC - Improper Filesystem Permissions] | |
+ | |||
+ | [http://capec.mitre.org/data/definitions/350.html CAPEC-350: DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions] |
Revision as of 18:28, 21 July 2013
Return to Periodic Table Working View
Improper Filesystem Permissions
Root Cause Summary
The root cause of improper filesystem permissions is having incorrect filesystem permissions such as read, write, modify, or execute set on files, folders, and symbolic links. These improper permissions allow the attacker to access restricted files or directories and modify or delete their contents
Browser / Standards Solution
None
Perimeter Solution
Ensure that proper file and directory permissions are applied. Enforce stricter default permissions.
Generic Framework Solution
None
Custom Framework Solution
None
Custom Code Solution
None
Discussion / Controversy
None
References
WASC - Improper Filesystem Permissions
CAPEC-350: DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions