...
The fopen_s() function defined in ISO/IEC TR 24731-1 ISO/IEC TR 24731-2006 can be used to create a file with restriced permissions. Specifically, ISO/IEC TR 24731-1 says:
...
Non-Compliant Code Example: open() (POSIX)
| Wiki Markup |
|---|
Using the POSIX function {{open()}} to create a file but failing to provide access permissions for that file may cause the file to be created with unintended access permissions. This omission has been known to lead to vulnerabilities; for instance, \[[CVE-2006-1174|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174]\]. |
| Code Block |
|---|
|
...
int fd = open(file_name, O_CREAT | O_WRONLY); /* access permissions are missing */
if (fd == -1){
/* Handle Error */
}
...
|
...
| Wiki Markup |
|---|
\[[ISO/IEC TR 24731-2006|AA. C References#SO/IEC TR 24731-2006]\] Section 6.5.2.1, "The fopen_s function" |
| Wiki Markup |
|---|
\[[CVE-2006-1174|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174]\] |
| Wiki Markup |
|---|
\[[Viega 03|AA. C References#Viega 03]\] Section 2.7 Restricting Access Permissions for New Files on Unix |
