Chapter 14. Input Output (FIO)
Rules
Risk Assessment Summary
FIO00-J. Do not operate on files in shared directories
Multiuser systems allow multiple users with different privileges to share a file system. Each user in such an environment must be able to determine which files are shared and which are private, and each user must be able to enforce these decisions.
Unfortunately, a wide variety of file system vulnerabilities can be exploited by an attacker to gain access to files for which they lack sufficient privileges, particularly when operating ...
Get The CERT® Oracle® Secure Coding Standard for Java™ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.