CWE-61 UNIX Symlink Following
What this means
SiteShadow flagged a file access pattern where symlinks may be followed, allowing an attacker to redirect reads/writes to a different file than the application intended.
Why it matters
Symlink following can expose protected files or bypass checks.
- Read exposure: symlink points to secrets (e.g., /etc/passwd, app configs).
- Write exposure: symlink points to sensitive targets, enabling overwrite attacks.
- Often paired with TOCTOU patterns (see CWE-362).
Safer examples
1) Avoid operating on paths in world-writable directories
Prefer application-owned directories with strict permissions.
2) Use "no symlink follow" protections where available
Use OS/library flags that refuse symlinks (platform-dependent).
3) Use safe temp-file APIs
Prefer secure temp file helpers rather than manual temp path construction.
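The three safer patterns above, carried through in one runnable Python example. This is an added illustration, not code from SiteShadow or from the CWE entry; it assumes a POSIX system where os.O_NOFOLLOW is available. The directory check, the O_NOFOLLOW write, and the mkstemp-based temp file are the author's constructions, and the "planted symlink" scenario in demo() is built inside a throwaway temp directory so the whole thing runs offline.

```python
"""Added example: refusing to follow symlinks on write, checking directory
ownership, and using a secure temp-file API. Assumes POSIX (os.O_NOFOLLOW)."""
import errno
import os
import stat
import tempfile


def dir_is_app_owned(directory: str) -> bool:
    """Pattern 1: only operate in a directory this process owns and that is not
    world-writable, so no other local user can plant a symlink in it."""
    st = os.stat(directory)
    if st.st_uid != os.getuid():
        return False
    if st.st_mode & stat.S_IWOTH:
        return False
    return True


def write_file_nofollow(path: str, data: bytes) -> bool:
    """Pattern 2: open with O_NOFOLLOW so a symlink sitting at `path` makes the
    open fail instead of silently redirecting the write to the link target.
    Returns False when a symlink was refused, True when the write succeeded."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    try:
        fd = os.open(path, flags, 0o600)
    except OSError as exc:
        # Linux reports ELOOP for a refused symlink; some BSDs report EMLINK.
        if exc.errno in (errno.ELOOP, errno.EMLINK):
            return False
        raise
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return True


def write_temp_securely(directory: str, data: bytes) -> str:
    """Pattern 3: mkstemp creates a fresh, uniquely named, mode 0600 file using
    O_CREAT|O_EXCL, so there is no predictable path for an attacker to
    pre-create as a symlink before the application gets there."""
    fd, path = tempfile.mkstemp(dir=directory, prefix="app-")
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def demo() -> dict:
    """Constructed scenario: a symlink named like the app's output file points
    at a 'secret' file. The hardened write refuses the symlink, the secret is
    left untouched, and a normal (non-symlink) path still works."""
    with tempfile.TemporaryDirectory() as workdir:  # created mode 0700
        secret = os.path.join(workdir, "secret.txt")
        with open(secret, "wb") as fh:
            fh.write(b"original secret\n")

        planted = os.path.join(workdir, "report.txt")
        os.symlink(secret, planted)  # constructed: the planted symlink

        refused = not write_file_nofollow(planted, b"attacker-chosen bytes\n")
        with open(secret, "rb") as fh:
            secret_intact = fh.read() == b"original secret\n"

        honest = os.path.join(workdir, "report2.txt")
        wrote_ok = write_file_nofollow(honest, b"report data\n")

        tmp_path = write_temp_securely(workdir, b"scratch\n")
        tmp_mode = stat.S_IMODE(os.stat(tmp_path).st_mode)

        return {
            "dir_is_app_owned": dir_is_app_owned(workdir),
            "symlink_write_refused": refused,
            "secret_intact": secret_intact,
            "regular_write_ok": wrote_ok,
            "temp_mode_is_0600": tmp_mode == 0o600,
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Note that O_NOFOLLOW only refuses a symlink at the final path component; a symlinked directory earlier in the path is still followed, which is why the first pattern (operating only inside an application-owned directory) still matters even when the flag is used.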
How SiteShadow detects it (high level)
- Flags file opens/writes where a path is attacker-influenced and symlink protections are missing.
- Looks for risky patterns in temp directories and upload paths.
References
- CWE-61: https://cwe.mitre.org/data/definitions/61.html