What does Canonical Representation mean and its potential vulnerability to websites

Asked by 予麋鹿, 2021-01-12 03:05

I searched on Google for a meaning of canonical representation and turned up documents that are entirely too cryptic. Can anyone provide a quick explanation of canonical rep

4 answers
  •  一整个雨季, 2021-01-12 03:20

    The following explanation is from the "Application Security and Development STIG" found here:

    3.11 Canonical Representation

    Canonical representation issues arise when the name of a resource is used to control resource access. There are multiple methods of representing resource names on a computer system. An application relying solely on a resource name to control access may incorrectly make an access control decision if the name is specified in an unrecognized format.

    For example, in Windows, notepad.exe may be represented by the following file and path name combinations:

    C:\Windows\System32\notepad.exe

    %SystemRoot%\System32\notepad.exe

    \\?\C:\Windows\System32\notepad.exe

    \\host\c$\Windows\system32\notepad.exe

    An application attempting to restrict access to the file based solely on the file path and name may improperly grant or deny access. The same issue may apply to other named resources on a system, such as hard and soft links, URLs, pipes, shares, directories, device names, or names within data files, if alternate encoding mechanisms are used with the data.

    The following items may indicate potential canonical representation issues in an application:

    • Access control decisions based upon a resource name.

    • Failure to reduce a resource name to its canonical form before use.

    In order to minimize canonical representation issues in the application, implement the following procedures:

    • Do not rely solely on resource names to control access.

    • If using resource names to control access, validate the names to ensure they are in the proper format; reject all names not fitting the known-good criteria.

    • Use operating system-based access control mechanisms such as permissions and ACLs.
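The two checks below, added here as an illustration and not taken from the answer or from the STIG, show the failure mode the STIG describes on a POSIX file tree: a string-prefix test on the raw name admits `..`, its URL-encoded spelling, a symlink and a same-prefix sibling directory, while a check that first reduces both names to canonical form (`os.path.realpath`) and then compares path components (`os.path.commonpath`) rejects all of them. The directory layout, file names and requested names are constructed for the example.

```python
"""Added example (not from the answer or the STIG): a name-based access check that
fails on alternate representations, beside a hardened version that canonicalizes
first.  Assumes POSIX paths; the directory layout below is made up."""
import os
import tempfile
from typing import Dict, Tuple
from urllib.parse import unquote


def naive_is_allowed(base_dir: str, requested: str) -> bool:
    """VULNERABLE: access decision taken on the raw resource name with a string-prefix
    test.  '../secret/key.txt' joined onto base_dir still *starts with* base_dir."""
    candidate = os.path.join(base_dir, requested)
    return candidate.startswith(base_dir)


def canonical_is_allowed(base_dir: str, requested: str) -> bool:
    """HARDENED: reduce both names to canonical form, then compare canonical forms."""
    base = os.path.realpath(base_dir)
    # 1. Undo the transport encoding exactly once, at the trust boundary.
    decoded = unquote(requested)
    # 2. Known-good criteria: non-empty, relative, no NUL byte; everything else is rejected.
    if not decoded or "\x00" in decoded or os.path.isabs(decoded):
        return False
    # 3. Canonical form: absolute, '.' and '..' collapsed, symbolic links resolved.
    target = os.path.realpath(os.path.join(base, decoded))
    # 4. Compare path components, not string prefixes ('/x/public' vs '/x/public_old').
    return os.path.commonpath([base, target]) == base


def build_demo_tree() -> Tuple[str, str]:
    """Constructed sample layout (invented for this example):
         <root>/public/readme.txt        the only file the application should serve
         <root>/secret/key.txt           must never be reachable
         <root>/public/link -> <root>/secret   a symlink: another name for the secret dir
    Returns (public_dir, root)."""
    root = tempfile.mkdtemp(prefix="canon-demo-")
    public = os.path.join(root, "public")
    secret = os.path.join(root, "secret")
    os.makedirs(public)
    os.makedirs(secret)
    with open(os.path.join(public, "readme.txt"), "w") as f:
        f.write("public\n")
    with open(os.path.join(secret, "key.txt"), "w") as f:
        f.write("SECRET\n")
    os.symlink(secret, os.path.join(public, "link"))
    return public, root


# Requested names: each is one representation of a resource a client might send.
CASES = [
    "readme.txt",                  # the intended resource, plain name
    "./readme.txt",                # same resource, alternate spelling
    "../secret/key.txt",           # dot-dot traversal
    "%2e%2e/secret/key.txt",       # the same traversal, URL-encoded
    "link/key.txt",                # the same file reached through the symlink
    "../public_old/readme.txt",    # sibling dir whose name shares the base's prefix
]


def run_cases(base_dir: str) -> Dict[str, Tuple[bool, bool]]:
    """Returns {requested_name: (naive_verdict, canonical_verdict)}."""
    return {name: (naive_is_allowed(base_dir, name), canonical_is_allowed(base_dir, name))
            for name in CASES}


if __name__ == "__main__":
    base, _root = build_demo_tree()
    for name, (naive, canonical) in run_cases(base).items():
        print(f"{name:28} naive={naive!s:5} canonical={canonical}")
```

Two caveats a practitioner should keep in mind. The hardened function decodes the name exactly once; if the application decodes again later, a double-encoded `%252e%252e` becomes `..` after the check and the bug returns, so decode at the boundary and never again. And a `realpath` followed by `open` is still a check-then-use sequence: a symlink swapped in between the two calls is not caught, so in production open the file relative to the base directory with `O_NOFOLLOW` (or `openat`) and verify what was opened via `fstat`, and, as the STIG's last bullet says, let operating-system permissions and ACLs be the final authority rather than the name.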
