Information for Editors
To have a new guideline automatically listed above, be sure to label it fio and rule.

Risk Assessment Summary

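| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| FIO30-C | High | Likely | Medium | P18 | L1 |
| FIO32-C | Medium | Unlikely | Medium | P4 | L3 |
| FIO34-C | High | Probable | Medium | P12 | L1 |
| FIO37-C | High | Probable | Medium | P12 | L1 |
| FIO38-C | Low | Probable | Medium | P4 | L3 |
| FIO39-C | Low | Likely | Medium | P6 | L2 |
| FIO40-C | Low | Probable | Medium | P4 | L3 |
| FIO41-C | Low | Unlikely | Medium | P2 | L3 |
| FIO42-C | Medium | Unlikely | Medium | P4 | L3 |
| FIO44-C | Medium | Unlikely | Medium | P4 | L3 |
| FIO45-C | High | Probable | High | P6 | L2 |
| FIO46-C | Medium | Unlikely | Medium | P4 | L3 |
| FIO47-C | High | Unlikely | Medium | P6 | L2 |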

Related Rules and Recommendations


2 Comments

  1. Should we add a rule/recommendation to prefer getcwd() (a POSIX function) to getwd()? See Drepper 06 Section 2.1.1 Respecting Memory Bounds.

  2. Input/Output is a broad topic and includes all the functions defined in C99 [ISO/IEC 9899-1999] Section 7.19, "Input/output <stdio.h>" and related functions.

    The security of I/O operations is dependent on the versions of the C library, the operating system, and the file system. Older libraries are generally more susceptible to security flaws than newer library versions. Different operating systems have different capabilities and mechanisms for managing file privileges. There are numerous different file systems, including File Allocation Table (FAT), FAT32, New Technology File System (NTFS), NetWare File System (NWFS), and the Unix File System (UFS). There are also many distributed file systems, including Andrew File System (AFS), Distributed File System (DFS), Microsoft DFS, and Network File System (NFS). These file systems vary in their capabilities and privilege mechanisms.

    As a starting point, the I/O topic area describes the use of C99 standard functions. However, because these functions have been generalized to support multiple disparate operating and file systems, they cannot generally be used in a secure fashion. As a result, most of the rules and recommendations in this topic area recommend approaches that are specific to the operating system and file systems in use. Because of the inherent complexity, there may not exist compliant solutions for all operating system and file system combinations. Consequently, you must consider the target operating and file systems when evaluating the applicability of each compliant solution to your environment.