alpine 3.6
access weakness #164


Weakness Breakdown


An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

 -f, --config_file  Set configuration file name\n\
-A, --vty_addr     Set vty's bind address\n\
-P, --vty_port     Set vty's port number\n\
-v, --version      Print program version\n\
-h, --help         Display this help and exit\n\
Report bugs to %s\n", progname, ZEBRA_BUG_ADDRESS);
  exit (status);

/* main routine. */
main (int argc, char **argv)
  char *p;
  char *vty_addr = NULL;
  int vty_port = 4000;
  int daemon_mode = 0;
  char *progname;
  char *config_file = NULL;
  /* Set umask before anything for security */
  umask (0027);

  /* get program name */
  progname = ((p = strrchr (argv[0], '/')) ? ++p : argv[0]);

  /* master init. */
  master = thread_master_create ();

  while (1) 
      int opt;

      opt = getopt_long (argc, argv, "dhf:A:P:v", longopts, 0);
      if (opt == EOF)

      switch (opt) 
	case 0:
        case 'f':
          config_file = optarg;
	case 'd':
	  daemon_mode = 1; 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.