EXECUTING CODE WITH TOO MUCH PRIVILEGE


Please sign in to view the rest of this entry.

EXECUTING CODE WITH TOO MUCH PRIVILEGE
1011404EXECUTING CODE WITH TOO MUCH PRIVILEGE
<anchor role="natural" id="p2001b4bf9980244"></anchor><emphasis role="bold">OVERVIEW OF THE SIN</emphasis> The sin of failing to use least privilege is a design issue that allows attackers to create more damage when a failure does happen. Software will fail at some point in its lifetime, and if that code is made to fail in a way that can allow an attacker to run malicious code, then that code usually executes with the privileges assigned to the vulnerable process. For example,…
Citation
Michael Howard; David LeBlanc; John Viega: 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. EXECUTING CODE WITH TOO MUCH PRIVILEGE, Chapter (McGraw-Hill Professional, 2010), AccessEngineering Export