...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Bibliography
- \[Chen 02\] "Setuid Demystified"
- \[Dowd 06\] Chapter 9, "Unix I: Privileges and Files"
- \[ISO/IEC PDTR 24772\] "XYO Privilege Sandbox Issues"
- \[MITRE 07\] [CWE ID 250](http://cwe.mitre.org/data/definitions/250.html), "Execution with Unnecessary Privileges," [CWE ID 273](http://cwe.mitre.org/data/definitions/273.html), "Failure to Check Whether Privileges Were Dropped Successfully"
- \[Open Group 04\] [`setuid()`](http://www.opengroup.org/onlinepubs/009695399/functions/setuid.html), [`getuid()`](http://www.opengroup.org/onlinepubs/009695399/functions/getuid.html), [`seteuid()`](http://www.opengroup.org/onlinepubs/009695399/functions/seteuid.html)
- \[Tsafrir 08\] "The Murky Issue of Changing Process Identity: Revising 'Setuid Demystified'"
- \[Wheeler 03\] [Section 7.4, "Minimize Privileges"](http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/minimize-privileges.html)
...