CWE•Base•Draft•3 recent CVEs
CWE-378Creation of Temporary File With Insecure Permissions
Description
Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.
Common consequences
- Confidentiality→Read Application DataIf the temporary file can be read by the attacker, sensitive information may be in that file which could be revealed.
- Authorization,Other→OtherIf that file can be written to by the attacker, the file might be moved into a place to which the attacker does not have access. This will allow the attacker to gain selective resource access-control privileges.
- Integrity,Other→OtherDepending on the data stored in the temporary file, there is the potential for an attacker to gain an additional input vector which is trusted as non-malicious. It may be possible to make arbitrary changes to data structures, user informati
Potential mitigations
- RequirementsMany contemporary languages have functions which properly handle this condition. Older C temp file functions are especially susceptible.
- ImplementationEnsure that you use proper file permissions. This can be achieved by using a safe temp file function. Temporary files should be writable and readable only by the process that owns the file.
- ImplementationRandomize temporary file names. This can also be achieved by using a safe temp-file function. This will ensure that temporary files will not be created in predictable places.