CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE-283: Unverified Ownership

Weakness ID: 283
Abstraction: Base
Status: Draft
Presentation Filter:
+ Description

Description Summary

The software does not properly verify that a critical resource is owned by the proper entity.
+ Time of Introduction
  • Architecture and Design
+ Applicable Platforms

Languages

All

+ Common Consequences
ScopeEffect
Access Control

Technical Impact: Gain privileges / assume identity

An attacker could gain unauthorized access to system resources

+ Demonstrative Examples

Example 1

This function is part of a privileged program that takes input from users with potentially lower privileges.

(Bad Code)
Example Language: Python 
def killProcess(processID):
os.kill(processID, signal.SIGKILL)

This code does not confirm that the process to be killed is owned by the requesting user, thus allowing an attacker to kill arbitrary processes.

This function remedies the problem by checking the owner of the process before killing it:

(Good Code)
Example Language: Python 
def killProcess(processID):
user = getCurrentUser()
#Check process owner against requesting user
if getProcessOwner(processID) == user:
os.kill(processID, signal.SIGKILL)
return
else:
print("You cannot kill a process you don't own")
return
+ Observed Examples
ReferenceDescription
Program does not verify the owner of a UNIX socket that is used for sending a password.
Owner of special device not checked, allowing root.
+ Potential Mitigations

Phases: Architecture and Design; Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Phase: Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class282Improper Ownership Management
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory723OWASP Top Ten 2004 Category A2 - Broken Access Control
Weaknesses in OWASP Top Ten (2004) (primary)711
ChildOfCategoryCategory944SFP Secondary Cluster: Access Management
Software Fault Pattern (SFP) Clusters (primary)888
CanAlsoBeCategoryCategory264Permissions, Privileges, and Access Controls
Research Concepts1000
CanAlsoBeWeakness ClassWeakness Class345Insufficient Verification of Data Authenticity
Research Concepts1000
MemberOfViewView884CWE Cross-section
CWE Cross-section (primary)884
+ Relationship Notes

This overlaps insufficient comparison, verification errors, permissions, and privileges.

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERUnverified Ownership
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Relationship_Notes, Taxonomy_Mappings
2009-03-10CWE Content TeamMITREInternal
updated Relationships
2009-12-28CWE Content TeamMITREInternal
updated Potential_Mitigations
2010-06-21CWE Content TeamMITREInternal
updated Potential_Mitigations
2011-03-29CWE Content TeamMITREInternal
updated Relationships
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2011-06-27CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Common_Consequences, Demonstrative_Examples, Relationships
2012-10-30CWE Content TeamMITREInternal
updated Potential_Mitigations
2014-07-30CWE Content TeamMITREInternal
updated Relationships

More information is available — Please select a different filter.
Page Last Updated: January 18, 2017