Unchecked Return Value of setuid/seteuid
Description
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. If the program calls a function to drop privileges but does not check the return code to ensure that privileges were actually dropped, then the program continues to operate with the higher privileges. This failure mode is reachable in practice: setuid() and seteuid() return -1 on failure (for example EPERM, or on Linux EAGAIN when the target uid already has RLIMIT_NPROC processes), and a caller that ignores that result keeps running as root while believing it is unprivileged.
Examples
Insecure Code

```c
/* Return value ignored: if the call fails, the process silently keeps its current privileges */
setuid(0);
```

Secure Code

```c
/* Every privilege-changing call is checked; on failure the program must not continue as if the change succeeded */
if (setuid(0) != 0) { handle_error(); }
```

Remediation
Check the return value of setuid/seteuid (and of setgid/setgroups, which must be called first while the process still holds root) and treat any non-zero result as a fatal error rather than continuing. After the calls, read the ids back with getuid/geteuid/getgid/getegid to confirm the drop took effect. When privileges are meant to be dropped permanently, prefer setuid over seteuid: seteuid changes only the effective uid and leaves the saved set-user-id at 0, so the drop can be undone with seteuid(0).
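The following is an added example, not code from the original rule page, showing the unchecked pattern next to a hardened permanent privilege drop that checks every call and then verifies the result with the getter functions. The function names `drop_unchecked` and `drop_privileges` are the example's own. It is meant to be run as an unprivileged user: in that case the requested switch to another uid fails with EPERM, which is exactly the situation the unchecked variant fails to notice.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Vulnerable pattern (CWE-252): the result of setuid() is stored but never
 * examined. On failure the process silently keeps whatever privileges it
 * had. The function returns the uid the process is *really* running as so
 * the caller can compare it with what was requested.
 */
uid_t drop_unchecked(uid_t target_uid)
{
    int rc = setuid(target_uid);   /* EPERM or EAGAIN goes unnoticed */
    (void)rc;                      /* never checked */
    return geteuid();
}

/*
 * Hardened pattern: every privilege-changing call is checked, and the
 * resulting ids are read back, because a call can fail (setuid() can
 * return EAGAIN on Linux when the target uid is at its RLIMIT_NPROC) or
 * change fewer ids than the caller assumed.
 * Returns 0 when the process provably runs as target_uid/target_gid and
 * cannot regain root, -1 (errno set) otherwise.
 */
int drop_privileges(uid_t target_uid, gid_t target_gid)
{
    /* Groups first: once the effective uid is non-zero the CAP_SETGID
     * needed to change them is gone. Unprivileged callers skip this,
     * since setgroups() would fail with EPERM for them anyway. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* Called by root, setgid()/setuid() set real, effective and saved
     * ids, so the drop cannot be reverted with seteuid(0) later. */
    if (setgid(target_gid) != 0)
        return -1;
    if (setuid(target_uid) != 0)
        return -1;

    /* Verify: never trust the return code alone. */
    if (getuid() != target_uid || geteuid() != target_uid ||
        getgid() != target_gid || getegid() != target_gid) {
        errno = EPERM;
        return -1;
    }
    /* If we have left root, regaining it must now be impossible. */
    if (target_uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    uid_t me = getuid();
    gid_t mygid = getgid();

    /* me + 1 is a uid an unprivileged process may not switch to: the
     * unchecked call fails silently and we are still running as 'me'. */
    uid_t after = drop_unchecked(me + 1);
    printf("unchecked: asked for uid %u, still running as uid %u\n",
           (unsigned)(me + 1), (unsigned)after);

    if (drop_privileges(me + 1, mygid) != 0)
        printf("checked: drop to uid %u refused: %s\n",
               (unsigned)(me + 1), strerror(errno));
    if (drop_privileges(me, mygid) == 0)
        printf("checked: verified running as uid %u gid %u\n",
               (unsigned)me, (unsigned)mygid);
    return 0;
}
```

The verification step at the end of `drop_privileges` is the part most code omits: it catches both a failed call whose return value was mishandled upstream and a partial change (for example an effective-uid-only drop that leaves the saved set-user-id at 0), which is why the check that `setuid(0)` now fails is included as well.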
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0492 |
| Category | AccessControl |
| Severity | HIGH |
| CWE | CWE-252 |
| Confidence | MEDIUM |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | privilege escalation, return value |
| OWASP | N/A |
References
- https://www.usenix.org/legacy/events/sec02/full_papers/chen/chen.pdf
- https://cwe.mitre.org/data/definitions/252
- https://www.openwall.com/lists/oss-security/2023/12/30/4
- https://lwn.net/Articles/451985/