These are rules and recommendations This appendix contains guidelines for functions that are defined as part of the POSIX family of standards but are not included in ISO/IEC 9899-1999the C Standard. These rules and recommendations are not part of the core standard because they do not apply in all C language applications and because they represent an incomplete listset. The intent of providing these rules guidelines is to demonstrate how rules and recommendations for other standards or specific implementations may be integrated with the core C99 C recommendations.
Recommendations
POS00-A. Avoid race conditions with multiple threads
POS01-A. Check for the existence of links
POS02-A. Follow the Principle of Least Privilege wherever possible
Rules
POS30-C. Use the readlink() function properly
POS31-C. Do not unlock or destroy another thread's mutex
POS32-C. Include a mutex when using bit-fields in a multi-threaded environment
POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
POS35-C. Avoid race conditions while checking for the existence of a symbolic link
POS36-C. Observe correct revocation order while relinquishing privileges
POS37-C. Ensure that privilege relinquishment is successful
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
POS00-A | medium | probable | high | P4 | L3 |
POS01-A | medium | likely | high | P6 | L2 |
POS02-A | high | likely | high | P9 | L2 |
| Content by Label | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
Information for Editors |
Risk Assessment Summary
Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| POS30-C | High | Probable | Yes | Yes | P18 | L1 |
| POS34-C | High | Unlikely | Yes | No | P6 | L2 |
| POS35-C | High | Likely | No | No | P9 | L2 |
| POS36-C | High | Probable | Yes | Yes | P18 | L1 |
| POS37-C | High | Probable | Yes | Yes | P18 | L1 |
| POS38-C | Medium | Unlikely | No | No | P2 | L3 |
| POS39-C | Medium | Likely | Yes | No | P12 | L1 |
| POS44-C | Low | Probable | No | No | P2 | L3 |
| POS47-C | Medium | Probable | No | No | P4 | L3 |
| POS48-C | Medium | Probable | No | No | P4 | L3 |
| POS49-C | Medium | Probable | No | No | P4 | L3 |
| POS50-C | Medium | Probable | No | No | P4 | L3 |
| POS51-C | Low | Probable | No | No | P2 | L3 |
| POS52-C | Low | Probable | No | No | P2 | L3 |
| POS53-C | Medium | Probable | Yes | No | P8 | L2 |
| POS54-C | High | Likely | Yes | Yes | P27 | |
Rule | Severity | Likelihood | Remediation Cost | Priority | Level | |
POS30-C | low | probable | medium | P4 | L3 | |
POS31-C | medium | probable | high | P4 | L3 | |
POS32-C | medium | probable | medium | P8 | L2 | |
POS33-C | low | probable | low | P6 | L2 | |
POS34-C | high | unlikely | medium | P6 | L2 | |
POS35-C | high | likely | medium | P18 | L1 | |
POS36-C | high | probable | medium | P12 | L1 | |
POS37-C | high | probable | low | P18 | L1 |
Related Rules and Recommendations
| Navigation Map | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
...
MSC31-C. Ensure that return values are compared against the proper type 13. Miscellaneous (MSC) POS00-A. Avoid race conditions with multiple threads