Use of absolute paths
Summary
The system files must be referenced through absolute paths.
Description
An absolute path provides the complete and unambiguous location of a file or directory from the root of the file system. These paths eliminate ambiguity that may arise with relative paths, especially in situations where the current working directory may vary. In other words, this practice of using absolute paths enhances clarity, predictability, and consistency in file referencing within a code.
Supported In
This requirement is verified in following services
Plan | Supported |
---|---|
Essential | 🔴 |
Advanced | 🟢 |
References
- CWE™-73. External control of file name or path
- CWE™-710. Improper adherence to coding standards
- SANS 25-8. Improper limitation of a pathname to a restricted directory (path traversal)
- SANS 25-12. NULL pointer dereference
- CWE TOP 25-22. Improper limitation of a pathname to a restricted directory (path traversal)
- CWE TOP 25-476. NULL pointer dereference
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.