...
Using the POSIX function open() to create a file, but failing to provide access permissions for that file, may cause the file to be created with unintended access permissions. This omission has been known to lead to vulnerabilities (for instance, CVE-2006-1174).
| Code Block | ||
|---|---|---|
| ||
/* access permissions are missing */ int fd = open(file_name, O_CREAT | O_WRONLY); /* access permissions are missing */ if (fd == -1){ /* Handle Error */ } |
...
| Code Block | ||
|---|---|---|
| ||
int fd = open( file_name, O_CREAT | O_WRONLY, file_access_permissions ); if (fd == -1){ /* Handle Error */ } |
...