Permissions, Privileges, and Access Controls
Category ID: 264 (Category) | Status: Incomplete
Description Summary
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Follow the principle of least privilege when assigning access rights to entities in a software system.

Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 254 | Security Features | Development Concepts (primary) 699 |
ParentOf | Weakness Class | 250 | Execution with Unnecessary Privileges | Development Concepts 699 |
ParentOf | Category | 265 | Privilege / Sandbox Issues | Development Concepts (primary) 699 |
ParentOf | Category | 275 | Permission Issues | Development Concepts (primary) 699 |
ParentOf | Weakness Class | 282 | Improper Ownership Management | Development Concepts (primary) 699 |
ParentOf | Weakness Class | 284 | Access Control (Authorization) Issues | Development Concepts (primary) 699 |
ParentOf | Weakness Class | 286 | Incorrect User Management | Development Concepts (primary) 699 |
MemberOf | View | 635 | Weaknesses Used by NVD | Weaknesses Used by NVD (primary) 635 |
CanAlsoBe | Weakness Base | 283 | Unverified Ownership | Research Concepts 1000 |

Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | | | Permissions, Privileges, and ACLs |

CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
5 | Analog In-band Switching Signals (aka Blue Boxing) | |
17 | Accessing, Modifying or Executing Executable Files | |
35 | Leverage Executable Code in Nonexecutable Files | |
58 | Restful Privilege Elevation | |
69 | Target Programs with Elevated Privileges | |
76 | Manipulating Input to File System Calls | |

[REF-11] M. Howard and D. LeBlanc. "Writing Secure Code". Chapter 7, "How Tokens, Privileges, SIDs, ACLs, and Processes Relate" Page 218. 2nd Edition. Microsoft. 2002.