CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.0)  
ID

CWE CATEGORY: CERT C Secure Coding (2008 Version) Section 50 - POSIX (POS)

Category ID: 748
Status: Incomplete
+ Summary
Weaknesses in this category are related to rules in the POSIX section of the CERT C Secure Coding Standard, as published in 2008. Since not all rules map to specific weaknesses, this category may be incomplete.
+ Notes

Relationship

In the 2008 version of the CERT C Secure Coding standard, the following rules were mapped to the following CWE IDs:

  • CWE-59 POS01-C Check for the existence of links when dealing with files
  • CWE-170 POS30-C Use the readlink() function properly
  • CWE-242 POS33-C Do not use vfork()
  • CWE-272 POS02-C Follow the principle of least privilege
  • CWE-273 POS37-C Ensure that privilege relinquishment is successful
  • CWE-363 POS35-C Avoid race conditions while checking for the existence of a symbolic link
  • CWE-365 POS35-C Avoid race conditions while checking for the existence of a symbolic link
  • CWE-366 POS00-C Avoid race conditions with multiple threads
  • CWE-562 POS34-C Do not call putenv() with a pointer to an automatic variable as the argument
  • CWE-667 POS31-C Do not unlock or destroy another thread's mutex
  • CWE-686 POS34-C Do not call putenv() with a pointer to an automatic variable as the argument
  • CWE-696 POS36-C Observe correct revocation order while relinquishing privileges
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-11-24CWE Content TeamMITRE
Modifications
Modification DateModifierOrganizationSource
2017-11-08CWE Content TeamMITRE
updated Description, Name, Relationship_Notes
Previous Entry Names
Change DatePrevious Entry Name
2017-11-08CERT C Secure Coding Section 50 - POSIX (POS)

More information is available — Please select a different filter.
Page Last Updated: November 15, 2017