gitlab.flawfinder.SetSecurityDescriptorDacl-1
Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access)
Definition
rules:
- id: flawfinder.SetSecurityDescriptorDacl-1
  languages:
  - c
  message: |
    Never create NULL ACLs; an attacker can set it to Everyone (Deny
    All Access)
  metadata:
    cwe: "CWE-732: Never create NULL ACLs; an attacker can set it to Everyone (Deny
      All Access), which would even forbid administrator access (CWE-732)"
    primary_identifier: flawfinder.SetSecurityDescriptorDacl-1
    secondary_identifiers:
    - name: Flawfinder - SetSecurityDescriptorDacl
      type: flawfinder_func_name
      value: SetSecurityDescriptorDacl
    license: MIT
  pattern: SetSecurityDescriptorDacl(...)
  severity: ERROR
Short Link: https://sg.run/brkZ