Image Source: AWS Storage Blog

One of the basic principles of cloud security is the Principle of Least Privilege. The idea is simple: give every user or process the minimum permissions required to get the job done.

Let’s say you’d like the following:

  1. Access Granted;
  2. To a Particular AWS S3 Bucket;
  3. To a Single Federated User (or more!);
  4. AND, you’d also like to deny access to all other users

How do you go about doing that? Ordinarily this is a simple undertaking, but the issues posed by Federated users throw a bit of a monkey wrench into it.


cppcheck was used for this learning exercise; its output (static code analysis of TinyVM and FreeRDP) is in the Appendix of the page.

GitHub Projects:
FreeRDP — https://github.com/FreeRDP/FreeRDP

TinyVM — https://github.com/jakogut/tinyvm

FreeRDP Observations

The code *((trio_long_double_t *)target) = infinity; encased in the following block:

if (flags & FLAGS_LONGDOUBLE) {
    *((trio_long_double_t *)target) = infinity;
}

returns a “Possible null pointer dereference: target” cppcheck error message because the code neglects to check for null before accessing the variables involved in the operation. …
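The pattern behind that warning, as a stand-alone C example with the unchecked store beside a checked one. This is an added example, not FreeRDP's code: the typedef, the flag value, the `else` branch and both function names are assumptions made so that it compiles on its own.

```c
#include <stddef.h>
#include <math.h>

/* Stand-ins for the names quoted above; the definitions are constructed. */
typedef long double trio_long_double_t;
#define FLAGS_LONGDOUBLE 0x1u

/* Unchecked form: same shape as the flagged store.
 * Dereferences target unconditionally, so a NULL target crashes here. */
static void store_unchecked(void *target, unsigned flags,
                            trio_long_double_t value)
{
    if (flags & FLAGS_LONGDOUBLE) {
        *((trio_long_double_t *)target) = value;
    } else {
        /* Assumed narrower branch, added for illustration. */
        *((double *)target) = (double)value;
    }
}

/* Checked form: reject NULL once, before either cast-and-store.
 * Returns 0 on success, -1 when there is nowhere to store the result. */
static int store_checked(void *target, unsigned flags,
                         trio_long_double_t value)
{
    if (target == NULL) {
        return -1;
    }
    store_unchecked(target, flags, value);
    return 0;
}

int main(void)
{
    trio_long_double_t ld = 0.0L;
    double d = 0.0;
    int ok = store_checked(&ld, FLAGS_LONGDOUBLE,
                           (trio_long_double_t)INFINITY) == 0
          && store_checked(&d, 0, 2.5L) == 0
          && store_checked(NULL, FLAGS_LONGDOUBLE, 1.0L) == -1;
    return ok ? 0 : 1;
}
```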

Ramsey Elbasheer

Data Scientist
