|
Status: Incomplete Weakness ID: 214 (Weakness Variant)Description Summary A process is invoked with sensitive arguments, environment variables, or other elements that can be seen by other processes on the operating system. Extended Description Many operating systems allow a user to list information about processes that are owned by other users. This information could include command line arguments or environment variable settings. When this data contains sensitive information such as credentials, it might allow other users to launch an attack against the software or related resources. Affected Resources System ProcessPotential Mitigations Compartmentalize your system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Demonstrative Examples In the Java example below, the password for a keystore file is read from a system property. If the property is defined on the command line when the program is invoked (using the -D... syntax), the password may be displayed in the OS process list. Java Example: String keystorePass =
System.getProperty("javax.net.ssl.keyStorePassword"); if (keystorePass == null) { System.err.println("ERROR: Keystore password not specified."); System.exit(-1); } ...
Observed Examples
Other Notes This can be an externally controlled infoleak, but some protection mechanisms may exist that could make it internally controlled. Research Gaps Under-studied, especially environment variables. Relationships
Taxonomy Mappings
Applicable Platforms Languages All Time of Introduction Architecture and Design Implementation OperationContent History Submissions PLOVER. (Externally Mined) Modifications Sean Eidemiller. Cigital. 2008-07-01. (External) added/updated demonstrative examples Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Relationships, Taxonomy_Mappings CWE Content Team. MITRE. 2008-10-14. (Internal) updated Description, Other_Notes Previous Entry Names Process Information Leak to Other Processes (changed 2008-04-11) |
|
|
|||