Google decided to release the source code of a tool dubbed PathAuditor designed to help developers identify vulnerabilities related to file access.
“To find issues like this at
File access vulnerabilities could be exploited by attackers to execute malicious code with elevated privileges, for this reason, Google has released PathAuditor. The tool could be used by developers to detect unsafe path access patterns that could introduce weaknesses.
The tool checks if an
“The project is still in the early stages and we are actively working on it. We look forward to hearing about any vulnerabilities you discover with the tool, and hope to see pull requests with further improvements.” concludes Google.
Earlier this year, Google released the ClusterFuzz
(SecurityAffairs – PathAuditor, hacking)