Symlink Attack
Example 1: C
Vulnerable Code:
Reason for vulnerability: The file can be replaced with a symlink, leading to a symlink attack.
Fixed Code:
Reason for fix: Use O_NOFOLLOW
to prevent following symlinks.
Example 2: Python
Vulnerable Code:
Reason for vulnerability: The file can be replaced with a symlink, leading to a symlink attack.
Fixed Code:
Reason for fix: Use os.O_NOFOLLOW
to prevent following symlinks.
Last updated