The CERT® Oracle® Secure Coding Standard for Java™ by David Svoboda, Dean F. Sutherland, Robert C. Seacord, Dhruv Mohindra, Fred Long

Chapter 14. Input Output (FIO)

Rules

Risk Assessment Summary

FIO00-J. Do not operate on files in shared directories

Multiuser systems allow multiple users with different privileges to share a file system. Each user in such an environment must be able to determine which files are shared and which are private, and each user must be able to enforce these decisions.

Unfortunately, a wide variety of file system vulnerabilities can be exploited by an attacker to gain access to files for which they lack sufficient privileges, particularly when operating ...
