rspec/rules/S2610/rule.adoc
jtingsanchali 96d9ddb930
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926)
* Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files
2022-04-07 08:53:59 -05:00


Programs that execute OS commands can open the door to an attacker by doing so. To minimize the risk, execute such commands with the lowest possible privileges.

This rule raises an issue for each OS command and file access.

== Noncompliant Code Example
[source,text]
----
chdir("/"); // Noncompliant
----

== See

* https://cwe.mitre.org/data/definitions/250[MITRE, CWE-250] - Execution with Unnecessary Privileges
* https://www.sans.org/top25-software-errors/#cat3[SANS Top 25] - Porous Defenses