[metadata]
id = "FIO05-C"
type = "recommendation"
category = "FIO"
number = 5
title = "Identify files using multiple file attributes"
description = """
Files can often be identified by attributes other than the file name, such as by
comparing file ownership or creation time. Information about a file that has
been created and closed can be stored and then used to validate the identity of
the file when it is reopened. Comparing multiple attributes of the file
increases the likelihood that the reopened file is the same file that had been
previously operated on. File identification is less of an issue if applications
maintain their files in secure directories, where they can be accessed only by
the owner of the file and (possibly) by a system administrator. (SeeFIO15-C.
Ensure that file operations are performed in a secure directory.)
"""
severity = "Medium"
likelihood = "Probable"
priority = "P4"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "May 20, 2025"
[rules.cert_c.FIO05-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/FIO05-C.+Identify+files+using+multiple+file+attributes"
cwe = ["CWE-37", "CWE-38", "CWE-39", "CWE-62", "CWE-64", "CWE-65"]