This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Periodic Table of Vulnerabilities - Improper Filesystem Permissions"
From OWASP
David Fern (talk | contribs) |
David Fern (talk | contribs) |
||
| Line 36: | Line 36: | ||
[http://projects.webappsec.org/w/page/13246932/Improper%20Filesystem%20Permissions WASC - Improper Filesystem Permissions] | [http://projects.webappsec.org/w/page/13246932/Improper%20Filesystem%20Permissions WASC - Improper Filesystem Permissions] | ||
| − | [http://capec.mitre.org/data/definitions/350.html CAPEC-350: DEPRECATED: WASC Threat Classification 2.0 | + | [http://capec.mitre.org/data/definitions/350.html CAPEC-350: DEPRECATED: WASC Threat Classification 2.0] |
Revision as of 18:29, 21 July 2013
Return to Periodic Table Working View
Improper Filesystem Permissions
Root Cause Summary
The root cause of improper filesystem permissions is having incorrect filesystem permissions such as read, write, modify, or execute set on files, folders, and symbolic links. These improper permissions allow the attacker to access restricted files or directories and modify or delete their contents
Browser / Standards Solution
None
Perimeter Solution
Ensure that proper file and directory permissions are applied. Enforce stricter default permissions.
Generic Framework Solution
None
Custom Framework Solution
None
Custom Code Solution
None
Discussion / Controversy
None
