Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Automated Detection

Compass/ROSE could can detect some violations of this rule simply by collecting all environment variables referenced by a program and reporting if two variables differ only by capitalization (eg "TEST" vs "Test"). To collect environment variables, one must scan the program looking for calls to getenv(), setenv(), etcrecommendation.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...