Finding Permissions Problems

Although different operating systems and applications might protect their resources differently, the process for testing for permissions problems is essentially the same. Following are the general steps to finding problems with weak permissions:

  1. Identify all of the objects, such as files, registry keys, or handles, that your application installs or uses when it runs.

  2. For each object, inspect the permissions that are applied.

  3. Using the techniques discussed later in this chapter, determine whether the permissions grant too much access.

  4. Look for places where an application creates an object with weak permissions first, and then later applies stronger permissions. These places can lead to race conditions that a malicious user can exploit.

  5. If your application installs a service, be sure that it runs under an account with the fewest privileges necessary.

In the Windows operating system, certain resources need to be protected. The operating system manages permissions through access control lists (ACLs), which specify who has what kind of access to a resource. To make sure the ACLs are correctly protecting your resources, do the following:

  • Understand the Windows access control mechanism.

  • Find and analyze the permissions on the objects.

  • Recognize common permissions problems.

  • Determine how an attacker can access the object.
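The following script is an added example, not code from the book, that works through steps 1 to 4 of the procedure above and the "find and analyze the permissions" and "recognize common permissions problems" items in the list. It assumes the inventory of objects (step 1) has been dumped with `icacls <dir> /save <file> /t`, whose output alternates a path line with the object's security descriptor in SDDL form; the sample dump and the event trace embedded below are constructed for illustration, and the names `audit_dump`, `weak_aces` and `create_then_tighten` are the example's own. An allow ACE counts as weak when it grants any modify, delete, WRITE_DAC or WRITE_OWNER bit to a principal that any user can claim (Everyone, Users, Authenticated Users, INTERACTIVE, Guests, Anonymous). The same low-order bits mean SET_VALUE and CREATE_SUB_KEY for registry keys, so the mask serves both object types.

```python
import re
from dataclasses import dataclass

# Constructed sample in icacls /save layout (path line, then SDDL line); not real output.
SAMPLE_ACL_DUMP = """\
app\\service.exe
D:AI(A;ID;FA;;;BA)(A;ID;FA;;;SY)(A;ID;0x1200a9;;;BU)
app\\config.ini
D:PAI(A;;FA;;;BA)(A;;FA;;;SY)(A;;FA;;;WD)
app\\logs
D:AI(A;OICIID;FA;;;BA)(A;OICIID;FA;;;SY)(A;OICI;FW;;;AU)(D;;WD;;;BG)
app\\plugins
D:AI(A;ID;FA;;;BA)(A;ID;0x1200a9;;;S-1-5-32-545)
"""

# SIDs (SDDL alias or string form) that effectively mean "any user".
BROAD_PRINCIPALS = {
    "WD": "Everyone", "S-1-1-0": "Everyone",
    "BU": "BUILTIN\\Users", "S-1-5-32-545": "BUILTIN\\Users",
    "AU": "Authenticated Users", "S-1-5-11": "Authenticated Users",
    "IU": "INTERACTIVE", "S-1-5-4": "INTERACTIVE",
    "BG": "BUILTIN\\Guests", "S-1-5-32-546": "BUILTIN\\Guests",
    "AN": "ANONYMOUS LOGON", "S-1-5-7": "ANONYMOUS LOGON",
}

# Two-letter SDDL right codes and the access masks they expand to.
RIGHT_CODES = {
    "GA": 0x10000000, "GX": 0x20000000, "GW": 0x40000000, "GR": 0x80000000,
    "RC": 0x20000, "SD": 0x10000, "WD": 0x40000, "WO": 0x80000,
    "FA": 0x1F01FF, "FR": 0x120089, "FW": 0x100116, "FX": 0x1200A0,
    "KA": 0xF003F, "KR": 0x20019, "KW": 0x20006, "KX": 0x20019,
    "CC": 0x1, "DC": 0x2, "LC": 0x4, "SW": 0x8, "RP": 0x10,
    "WP": 0x20, "DT": 0x40, "LO": 0x80, "CR": 0x100,
}

# Bits that let the holder change the object or its ACL: object-specific write
# bits, DELETE, WRITE_DAC, WRITE_OWNER, GENERIC_WRITE and GENERIC_ALL.
MODIFY_MASK = (0x2 | 0x4 | 0x10 | 0x100 | 0x10000 | 0x40000 | 0x80000
               | 0x40000000 | 0x10000000)

DACL_RE = re.compile(r"D:([A-Z]*)((?:\([^)]*\))*)")
ACE_RE = re.compile(r"\(([^)]*)\)")


@dataclass(frozen=True)
class Finding:
    path: str
    principal: str
    mask: int
    inherited: bool


def rights_mask(rights: str) -> int:
    """Turn an SDDL rights field (hex or concatenated codes) into an access mask."""
    if rights.lower().startswith("0x"):
        return int(rights, 16)
    mask = 0
    for i in range(0, len(rights), 2):
        code = rights[i:i + 2]
        if code not in RIGHT_CODES:
            raise ValueError(f"unknown SDDL right {code!r}")
        mask |= RIGHT_CODES[code]
    return mask


def weak_aces(path: str, sddl: str) -> list[Finding]:
    """Return the allow ACEs on one object that give a broad principal modify access."""
    if "D:" not in sddl:
        # No DACL at all is a NULL DACL: everyone gets full control.
        return [Finding(path, "Everyone (NULL DACL)", MODIFY_MASK, False)]
    findings = []
    for ace in ACE_RE.findall(DACL_RE.search(sddl).group(2)):
        fields = ace.split(";")
        if len(fields) < 6 or fields[0] != "A":
            continue  # only allow ACEs widen access; deny ACEs are skipped
        flags, rights, sid = fields[1], fields[2], fields[5]
        if sid not in BROAD_PRINCIPALS:
            continue
        mask = rights_mask(rights)
        if mask & MODIFY_MASK:
            flag_set = {flags[i:i + 2] for i in range(0, len(flags), 2)}
            findings.append(Finding(path, BROAD_PRINCIPALS[sid], mask, "ID" in flag_set))
    return findings


def audit_dump(dump: str) -> list[Finding]:
    """Steps 2 and 3: inspect every object in an icacls /save dump and flag weak ACEs."""
    lines = [ln for ln in dump.splitlines() if ln.strip()]
    findings = []
    for path, sddl in zip(lines[0::2], lines[1::2]):
        findings.extend(weak_aces(path, sddl))
    return findings


# Constructed trace of (operation, path, DACL) as a file-system monitor might record it.
SAMPLE_TRACE = [
    ("Create", "app\\cache.db", "D:(A;;FA;;;BA)(A;;FA;;;WD)"),
    ("Create", "app\\state.bin", "D:(A;;FA;;;BA)(A;;FA;;;SY)"),
    ("SetSecurity", "app\\cache.db", "D:(A;;FA;;;BA)(A;;FA;;;SY)"),
]


def create_then_tighten(events) -> list[str]:
    """Step 4: objects created with a weak DACL and only hardened later (a race window)."""
    weak_at_create, windows = {}, []
    for op, path, sddl in events:
        if op == "Create" and weak_aces(path, sddl):
            weak_at_create[path] = sddl
        elif op == "SetSecurity" and path in weak_at_create and not weak_aces(path, sddl):
            windows.append(path)
            del weak_at_create[path]
    return windows


if __name__ == "__main__":
    for f in audit_dump(SAMPLE_ACL_DUMP):
        print(f"{f.path}: {f.principal} has 0x{f.mask:X}{' (inherited)' if f.inherited else ''}")
    for path in create_then_tighten(SAMPLE_TRACE):
        print(f"{path}: created with weak DACL, tightened afterwards")
```

On the sample dump the script reports `app\config.ini` (Everyone has full control) and `app\logs` (Authenticated Users can write and the ACE is inheritable, so new log files get it too), while the read/execute grant to Users on `service.exe` and `plugins` passes. The trace check reports `cache.db`, which was created world-writable and tightened by a later call; the fix for that pattern is to pass the final security descriptor at creation time rather than adjusting it afterwards.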



Hunting Security Bugs
ISBN: 073562187X
Year: 2004
Pages: 156