Return values not checked when attempting to drop privileges
| ID | c.privilege_management.unchecked_ret_drop_privileges |
| Severity | high |
| Resource | Privilege Management |
| Language | C / C++ |
Description
These functions can be used to drop or change account privileges. If a call fails, the process continues to run with the privileges assigned at startup. Depending on the application’s logic, attackers may be able to abuse the system if the privileges are never changed to a different access level. Always check the return values of these functions to determine whether the application should continue to operate.
Remediation
Follow secure coding practices and review the references below for detailed remediation guidance.
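The flagged pattern next to a checked form, as an added example that is not part of the rule's own documentation. It assumes the calls in question are the POSIX `setgroups`/`setgid`/`setuid` family, which the page does not name; the `priv_ops` table, the `sim_*` stand-ins and the id 1000 are hypothetical and constructed so the failure path runs without root.

```c
#define _DEFAULT_SOURCE 1 /* exposes setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical seam: identity calls go through a table so the failure path
 * can be run without root. SYS_OPS is what a real daemon would pass. */
struct priv_ops {
    int (*set_groups)(const gid_t *list, size_t n);
    int (*set_gid)(gid_t);
    int (*set_uid)(uid_t);
    uid_t (*get_euid)(void);
};
static int sys_setgroups(const gid_t *l, size_t n) { return setgroups(n, l); }
const struct priv_ops SYS_OPS = { sys_setgroups, setgid, setuid, geteuid };

/* Constructed stand-in for the kernel: starts as root, setuid() can be made to fail. */
static uid_t sim_euid = 0;
static int sim_fail_setuid = 0;
static int sim_setgroups(const gid_t *l, size_t n) { (void)l; (void)n; return 0; }
static int sim_setgid(gid_t g) { (void)g; return 0; }
static int sim_setuid(uid_t u) { if (sim_fail_setuid) return -1; sim_euid = u; return 0; }
static uid_t sim_geteuid(void) { return sim_euid; }
const struct priv_ops SIM_OPS = { sim_setgroups, sim_setgid, sim_setuid, sim_geteuid };

/* Pattern the rule flags: results discarded, process carries on regardless. */
void drop_unchecked(const struct priv_ops *o, uid_t uid, gid_t gid) {
    o->set_gid(gid);
    o->set_uid(uid);
}

/* Checked form: 0 on success, negative step number on the first failure.
 * Supplementary groups and gid go first, while the process can still change them. */
int drop_checked(const struct priv_ops *o, uid_t uid, gid_t gid) {
    if (o->set_groups(&gid, 1) != 0) return -1;
    if (o->set_gid(gid) != 0)        return -2;
    if (o->set_uid(uid) != 0)        return -3;
    if (o->get_euid() != uid)        return -4; /* confirm the change took effect */
    return 0;
}

int main(void) {
    sim_fail_setuid = 1;                   /* simulate a failing setuid() */
    drop_unchecked(&SIM_OPS, 1000, 1000);  /* 1000 is a constructed target id */
    printf("unchecked: still running with euid %u\n", (unsigned)sim_geteuid());
    int rc = drop_checked(&SIM_OPS, 1000, 1000);
    if (rc != 0) fprintf(stderr, "checked: drop failed at step %d, refusing to continue\n", -rc);
    return rc == -3 ? 0 : 1;               /* 0 when the simulated failure was caught */
}
```

In a real service the caller passes `&SYS_OPS` and terminates on any non-zero result instead of continuing with its startup identity.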
References
- OWASP Top 10 2021 - A01: Broken Access Control.