Question
Consider the following general code for allowing access to a resource: DWORD dwRet = IsAccessAllowed ( . . . ) ; if (dwRet == ERROR_ACCESS_DENIED)
Consider the following general code for allowing access to a resource:
DWORD dwRet = IsAccessAllowed ( . . . ) ;
if (dwRet == ERROR_ACCESS_DENIED) { // Security check fa ile d .
// Inform user that access is denied .
} else {
// Security check OK.
}
a) Explain the security flaw in this program.
b) Rewrite the code to avoid the flaw (Hint: Consider the design principle of fail-safe defaults).
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Linked Data A Geographic Perspective
Authors: Glen Hart, Catherine Dolbear
1st Edition
1000218910, 9781000218916
