Reliance on Untrusted Inputs in a Security Decision
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-807: Reliance on Untrusted Inputs in a Security Decision |
| Confidence Level | High |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Using std::env::temp_dir() for security-sensitive operations is unsafe because the system’s temporary directory is shared across users and processes. Files created here can be guessed or accessed by attackers if they’re not uniquely and securely named.
Impact
If exploited, attackers could read, modify, or replace temporary files used for sensitive operations, leading to data leaks, privilege escalation, or interference with application behavior. This can compromise user data or system integrity, especially if predictable file names are used.
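The flagged pattern beside a hardened one, as an added example that is not part of this rule page. The predictable path plus `File::create` is what the rule targets; the hardened version uses an unguessable name, `create_new` (O_EXCL semantics, so the open fails rather than following a file or symlink planted at that path) and owner-only permissions. The name source (pid plus nanosecond clock) is an assumption for a dependency-free demo; production code should use OS randomness or the `tempfile` crate.

```rust
use std::env;
use std::fs::{self, File, OpenOptions};
use std::io::{Error, ErrorKind, Write};
use std::path::{Path, PathBuf};
use std::time::{SystemTime, UNIX_EPOCH};

// Flagged: fixed name in the shared temp dir. File::create would happily
// truncate and write through whatever already exists at this path.
fn predictable_temp_path() -> PathBuf {
    env::temp_dir().join("app-session.tmp")
}

// Hardened: hard-to-guess name, create_new so a pre-existing entry is an
// error instead of being reused, and 0600 on Unix at creation time.
fn create_private_temp_file(dir: &Path) -> std::io::Result<(PathBuf, File)> {
    // Assumption: pid + nanos is only a stand-in for a real random source.
    let nanos = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .map(|d| d.as_nanos())
        .unwrap_or(0);
    for attempt in 0..16u32 {
        let name = format!("app-{}-{:x}-{}.tmp", std::process::id(), nanos, attempt);
        let path = dir.join(name);
        let mut opts = OpenOptions::new();
        opts.read(true).write(true).create_new(true);
        #[cfg(unix)]
        {
            use std::os::unix::fs::OpenOptionsExt;
            opts.mode(0o600); // owner-only before any other process can see it
        }
        match opts.open(&path) {
            Ok(file) => return Ok((path, file)),
            // Someone (or an earlier run) holds this name: pick another one.
            Err(e) if e.kind() == ErrorKind::AlreadyExists => continue,
            Err(e) => return Err(e),
        }
    }
    Err(Error::new(ErrorKind::AlreadyExists, "no free temp name after 16 tries"))
}

fn main() -> std::io::Result<()> {
    println!("rule would flag: {}", predictable_temp_path().display());
    let (path, mut file) = create_private_temp_file(&env::temp_dir())?;
    file.write_all(b"session data")?;
    println!("created {}", path.display());
    fs::remove_file(&path)
}
```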