CWE-732 Incorrect Permission Assignment for Critical Resource

Slides:



Advertisements
Similar presentations
The Case for Tripwire® Nick Chodorow Sarah Kronk Jim Moriarty Chris Tartaglia.
Advertisements

Computer Security: Principles and Practice
Static code check – Klocwork
Access Control Intro, DAC and MAC System Security.
Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.
System and Network Security Practices COEN 351 E-Commerce Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Towards Application Security On Untrusted OS
Operating System Security Chapter 9. Operating System Security Terms and Concepts An operating system manages and controls access to hardware components.
1 DOS with Windows 3.1 and 3.11 Operating Environments n Designed to allow applications to have a graphical interface DOS runs in the background as the.
Maintaining and Updating Windows Server 2008
Performing Software Installation with Group Policy
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Understanding Active Directory
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Cracking Windows Access Control Andrey Kolishchak Hack.lu 2007.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Computer Security & OS Lab. DKU May 26 Younsik Jeong Ph.D. Student.
WINDOWS SERVICES. Introduction You often need programs that run continuously in the background Examples: – servers –Print spooler You often need.
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.
Module 14: Configuring Server Security Compliance
SATAN Presented By Rick Rossano 4/10/00. OUTLINE What is SATAN? Why build it? How it works Capabilities Why use it? Dangers of SATAN Legalities Future.
Operating System Security. OS manages and controls access to hardware components Older OSs focused on ensuring data confidentiality Modern operating systems.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
Performing Software Installation with Group Policy Lesson 9.
Chapter 12 Operating System Security Strategies The 2010 Australian Signals Directorate (ASD) lists the “Top 35 Mitigation Strategies” Over 85% of.
Oracle 10g Database Administrator: Implementation and Administration Chapter 2 Tools and Architecture.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.
Secure Systems Research Group - FAU SW Development methodology using patterns and model checking 8/13/2009 Maha B Abbey PhD Candidate.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.
Topics Network topology Virtual LAN Port scanners and utilities Packet sniffers Weak protocols Practical exercise.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1.
Unix Security Assessing vulnerabilities. Classifying vulnerability types Several models have been proposed to classify vulnerabilities in UNIX-type Oses.
Administering Groups Chapter Eight. Exam Objectives In this Chapter:  Plan a security group hierarchy based upon delegation requirements  Plan a security.
Understand Permissions LESSON Security Fundamentals.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.
Security-Enhanced Linux Eric Harney CPSC 481. What is SELinux? ● Developed by NSA – Released in 2000 ● Adds additional security capabilities to Linux.
1 Chapter Overview Using Group Objects Understanding Default Groups Creating Group Objects Managing Administrative Access.
Mark Shtern.  Our life depends on computer systems  Traffic control  Banking  Medical equipment  Internet  Social networks  Growing number of.
SANS Top 25 Most Dangerous Programming Errors Catagory 1: Insecure Interaction Between Components These weaknesses are related to insecure ways.
Lecture9 Page 1 CS 236 Online Operating System Security, Con’t CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Module 7: Designing Security for Accounts and Services.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK
Chapter 12 Operating System Security. Possible for a system to be compromised during the installation process before it can install the latest patches.
Maintaining and Updating Windows Server 2008 Lesson 8.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Operating System Security
SY0-401 Exam Dumps CompTIA Security+ Certification Exam
Execution with Unnecessary Privileges
Secure Software Confidentiality Integrity Data Security Authentication
OS Access Control Mauricio Sifontes.
Operating System Security
PLANNING A SECURE BASELINE INSTALLATION
Designing IIS Security (IIS – Internet Information Service)
Fast-Track UiPath Developer Module 10: Sensitive Data Handling
Presentation transcript:

CWE-732 Incorrect Permission Assignment for Critical Resource Denisa Ivan MSI2

CWE-732 was included in the SANS institute Top 25 security bugs list. CWE-732 is the Common Weakness Enumeration identifier for the class of security bugs a program does not check if a critical file MIGHT have been written to by an untrusted actor.

Description The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Consequences Scope Effect Confidentiality Read application data; Read files or directories (credentials, configuration info) Access Control Gain privileges / assume identity (replacing a world-writable executable with a Trojan horse) Integrity Other Modify application data (destroy or corrupt critical data in the associated resource, such as deletion of records from a database.)

Relationships with other vulnerabilities

Detection Methods

Automated Static Analysis (Configuration Checker) Source Code/Bytecode Manual(human) Analysis Static/Dynamic

Black Box Monitoring tools examine the software's process as it interacts with the OS and the network. Useful when source code is unavailable, if the software was developed by someone else, or to verify that the build phase did not introduce any new weaknesses. Analyses permissions issues related to system resources, not application-level business rules that are related to permissions

Black Box Examples: debuggers attached to the running process; system-call tracing utilities: truss (Solaris) and strace (Linux); system activity monitors: FileMon, RegMon, Process Monitor, other Sysinternals utilities (Windows); sniffers and protocol analyzers that monitor network traffic.

Attach the monitor to the process and watch for library functions or system calls on OS resources such as files, directories, and shared memory. Examine the arguments to these calls to infer which permissions are being used.

Example //Language PHP function createUserDir($username){ $path = '/home/'.$username; if(!mkdir($path)){ // forgot optional ‘mode’ argument -> the directory is created with the default permissions 0777 return false; } return true;

Observed Examples

CVE-2009-3482 Anti-virus product sets insecure "Everyone: Full Control" permissions for files under the "Program Files" folder, allowing attackers to replace executables with Trojan horses. CVE-2009-3939 Driver installs a file with world-writable permissions. CVE-2004-1714 Security product uses "Everyone: Full Control" permissions for its configuration files. CVE-2009-1073 LDAP server stores a cleartext password in a world-readable file. CVE-2007-5544 Product uses "Everyone: Full Control" permissions for memory-mapped files (shared memory) in inter-process communication, allowing attackers to tamper with a session. The complete list is available at http://cwe.mitre.org/data/definitions/732.html

CVE-2009-3482 TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES% This allows  local attackers (unprivileged users) to gain privileges by replacing files (including executable files of Trustport services) by malicious files and execute arbitrary code with SYSTEM privileges.

Potential Mitigations Phase: Implementation: check to see if the resource has insecure permissions and report them Phase: Architecture and Design: Divide the software into several administrative areas(like a Security Lattice) and set the permissions accordingly

Potential Mitigations(II) Run the code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. Utils: OS: Unix chroot jail, AppArmor, SELinux java.io.FilePermission (Java SecurityManager)

Potential Mitigations(III) Phase: Operation; System Configuration Ensure that the software runs properly under the Federal Desktop Core Configuration (FDCC) [R.732.4] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.

Case study Bell–LaPadula model The Simple Security Property (no read-up). The ★-property (read "star"-property) (no write-down). The Discretionary Security Property - use of an access matrix to specify the discretionary access control.

BLP - lattice

The End

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.