# Improper Access Control (CWE-284)

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

- Prevalence: High (frequently exploited)
- Impact: High (3 high-severity rules)
- Prevention: Documented (4 fix examples)

**OWASP:** Broken Access Control (A01:2021-Broken Access Control) - #1

## Description

Access control involves determining which subjects can access which objects. When access control is implemented incorrectly, it can lead to unauthorized access to sensitive data or functionality.

## Prevention

Prevention strategies for Improper Access Control based on 4 Shoulder detection rules.

### Go

Validate tool inputs against strict schemas and use an allowlist for permitted tools.

### Node.js

Validate tool inputs against schemas and use allowlists for permitted tools.

### Kubernetes

Define NetworkPolicy resources to restrict pod-to-pod traffic and enforce network segmentation.

### Python

Use Pydantic for tool input validation and maintain a strict allowlist for permitted tools.

## Warning Signs

- [HIGH] Insecure plugin implementation: ...
- [HIGH] Insecure plugin/function calling implementations in AI/LLM systems without proper validation
- [MEDIUM] Workload has no NetworkPolicy for network segmentation
- [MEDIUM] Kubernetes deployments without associated NetworkPolicy resources

## Consequences

- Read Application Data
- Modify Application Data
- Execute Unauthorized Code
- Gain Privileges

## Mitigations

- Implement proper access control checks on all resources
- Use the principle of least privilege
- Enforce access controls server-side, not just in the UI

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, kubernetes, yaml, python

## Rules by Language

### Go (1 rule)

- **LLM Insecure Plugin Design** [HIGH]: Detects insecure plugin/function calling implementations in AI/LLM systems without proper validation.
  - Remediation: Validate tool inputs against strict schemas and use an allowlist for permitted tools.

```go
// Only tools present in the registry may be dispatched; anything else is rejected.
if _, ok := toolRegistry[toolCall.Name]; !ok {
    return errors.New("unknown tool")
}
```

Learn more: https://shoulder.dev/learn/go/cwe-284/llm-insecure-plugin

### Javascript (1 rule)

- **LLM Insecure Plugin Design** [HIGH]: Detects insecure plugin/function calling implementations in AI/LLM systems. OWASP LLM07 - Insecure Plugin Design. Insecure plugin design can lead to:
  - Remote code execution via tool/function calls
  - Unauthorized data access through plugins
  - Privilege escalation via overly permissive tools
  - SSRF through URL-handling plugins
  - Command injection through shell plugins

  This rule detects:
  - Function calling without input validation
  - Dynamic function execution from LLM output
  - Plugin execution without access control
  - Dangerous functions exposed to LLM

  - Remediation: Validate tool inputs against schemas and use allowlists for permitted tools.

```javascript
// Reject tool names outside the allowlist before touching the arguments.
if (!allowedTools.includes(name)) throw new Error('Unknown tool');
// Validate the model-supplied arguments against the tool's JSON schema.
const validate = ajv.compile(toolSchemas[name]);
if (!validate(JSON.parse(args))) throw new Error('Invalid arguments');
```

Learn more: https://shoulder.dev/learn/javascript/cwe-284/llm-insecure-plugin

### Typescript (1 rule)

- **LLM Insecure Plugin Design** [HIGH]: Detects insecure plugin/function calling implementations in AI/LLM systems. OWASP LLM07 - Insecure Plugin Design. Insecure plugin design can lead to:
  - Remote code execution via tool/function calls
  - Unauthorized data access through plugins
  - Privilege escalation via overly permissive tools
  - SSRF through URL-handling plugins
  - Command injection through shell plugins

  This rule detects:
  - Function calling without input validation
  - Dynamic function execution from LLM output
  - Plugin execution without access control
  - Dangerous functions exposed to LLM

  - Remediation: Validate tool inputs against schemas and use allowlists for permitted tools.

```javascript
// Reject tool names outside the allowlist before touching the arguments.
if (!allowedTools.includes(name)) throw new Error('Unknown tool');
// Validate the model-supplied arguments against the tool's JSON schema.
const validate = ajv.compile(toolSchemas[name]);
if (!validate(JSON.parse(args))) throw new Error('Invalid arguments');
```

Learn more: https://shoulder.dev/learn/javascript/cwe-284/llm-insecure-plugin

### Kubernetes (1 rule)

- **Missing Network Policy** [MEDIUM]: Detects Kubernetes deployments without associated NetworkPolicy resources.
  - Remediation: Define a NetworkPolicy to control pod network access. The policy below selects every pod in its namespace (empty `podSelector`) and lists `Ingress` with no ingress rules, so it denies all ingress until explicit allow rules are added.

```yaml
kind: NetworkPolicy
spec:
  podSelector: {}
  policyTypes: [Ingress]
```

Learn more: https://shoulder.dev/learn/kubernetes/cwe-284/missing-network-policy

### Yaml (1 rule)

- **Missing Network Policy** [MEDIUM]: Detects Kubernetes deployments without associated NetworkPolicy resources.
  - Remediation: Define a NetworkPolicy to control pod network access. The policy below selects every pod in its namespace (empty `podSelector`) and lists `Ingress` with no ingress rules, so it denies all ingress until explicit allow rules are added.

```yaml
kind: NetworkPolicy
spec:
  podSelector: {}
  policyTypes: [Ingress]
```

Learn more: https://shoulder.dev/learn/kubernetes/cwe-284/missing-network-policy

### Python (1 rule)

- **LLM Insecure Plugin Design** [HIGH]: Detects insecure plugin/function calling implementations in AI/LLM systems. OWASP LLM07 - Insecure Plugin Design. Insecure plugin design can lead to:
  - Remote code execution via tool/function calls
  - Unauthorized data access through plugins
  - Privilege escalation via overly permissive tools
  - SSRF through URL-handling plugins
  - Command injection through shell plugins

  - Remediation: Use Pydantic for tool input validation and maintain an allowlist of tools.

```python
from pydantic import BaseModel, Field

# Schema for the search tool's arguments: bounded length and a tight character set.
class SearchArgs(BaseModel):
    query: str = Field(max_length=100, pattern=r'^[a-zA-Z0-9\s]+$')

# Allowlist of tools the model may call; anything else is rejected before dispatch.
ALLOWED_TOOLS = {'search_products', 'get_weather'}

def execute(tool_call):
    if tool_call.function.name not in ALLOWED_TOOLS:
        raise ValueError('Unknown tool')
    # Arguments are parsed through the schema, never handed to the tool raw
    # (in practice each tool gets its own argument model).
    args = SearchArgs.parse_raw(tool_call.function.arguments)
    # handlers maps each allowlisted tool name to its implementation.
    return handlers[tool_call.function.name](args)
```

Learn more: https://shoulder.dev/learn/python/cwe-284/llm-insecure-plugin
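The snippets above each show one check in isolation. The following is an added example, not Shoulder's code, that puts the full pattern the Python, Go and Javascript rules ask for into one runnable dispatcher: a tool allowlist derived from a per-tool schema table, argument validation before any handler runs, and explicit rejection of every failure mode the rule flags (unknown tool, malformed JSON, wrong field types, unexpected fields). It uses only the standard library so it runs without Pydantic installed; a Pydantic model fits the same validation slot. The tool names `search_products` and `get_weather`, their schemas and handlers, and the sample tool calls are all constructed for illustration.

```python
"""Allowlisted, schema-validated dispatch of LLM tool calls (added example)."""
from __future__ import annotations

import json
import re
from typing import Any, Callable


class ToolCallRejected(Exception):
    """Raised when a model-emitted tool call fails the allowlist or schema check."""


# Per-tool argument schema: field -> (expected type, extra validator).
# Constructed for this example; a Pydantic model per tool plays the same role.
TOOL_SCHEMAS: dict[str, dict[str, tuple[type, Callable[[Any], bool]]]] = {
    "search_products": {
        "query": (str, lambda v: 0 < len(v) <= 100
                  and re.fullmatch(r"[A-Za-z0-9\s]+", v) is not None),
    },
    "get_weather": {
        "city": (str, lambda v: 0 < len(v) <= 64
                 and re.fullmatch(r"[A-Za-z .-]+", v) is not None),
    },
}

# The allowlist is derived from the schema table, so a tool without a schema
# cannot be called even if a handler for it exists somewhere in the process.
ALLOWED_TOOLS = frozenset(TOOL_SCHEMAS)


def validate_args(tool: str, raw_args: str) -> dict[str, Any]:
    """Parse and validate the model-supplied argument string for one tool."""
    schema = TOOL_SCHEMAS[tool]
    try:
        args = json.loads(raw_args)
    except json.JSONDecodeError as exc:
        raise ToolCallRejected(f"{tool}: arguments are not valid JSON") from exc
    if not isinstance(args, dict):
        raise ToolCallRejected(f"{tool}: arguments must be a JSON object")
    unexpected = set(args) - set(schema)
    if unexpected:  # reject fields the schema never declared
        raise ToolCallRejected(f"{tool}: unexpected fields {sorted(unexpected)}")
    for field, (ftype, check) in schema.items():
        if field not in args:
            raise ToolCallRejected(f"{tool}: missing field {field!r}")
        value = args[field]
        if not isinstance(value, ftype) or not check(value):
            raise ToolCallRejected(f"{tool}: field {field!r} failed validation")
    return args


# Handlers are plain functions; they only ever see already-validated arguments.
def _search_products(args: dict[str, Any]) -> dict[str, Any]:
    return {"results": [f"product matching {args['query']}"]}


def _get_weather(args: dict[str, Any]) -> dict[str, Any]:
    return {"city": args["city"], "forecast": "sunny"}


HANDLERS: dict[str, Callable[[dict[str, Any]], dict[str, Any]]] = {
    "search_products": _search_products,
    "get_weather": _get_weather,
}

# The shape the rule flags, kept here only as a comment: resolving the callable
# from model output (for example globals()[name]) lets the model pick any
# function in scope. Dispatch must go through the fixed table below instead.


def execute_tool_call(name: str, raw_args: str) -> dict[str, Any]:
    """Allowlist check first, schema validation second, handler last."""
    if name not in ALLOWED_TOOLS:
        raise ToolCallRejected(f"unknown tool {name!r}")
    args = validate_args(name, raw_args)
    return HANDLERS[name](args)


def dispatch(name: str, raw_args: str) -> tuple[bool, Any]:
    """Non-raising wrapper: (True, result) or (False, reason) for logging."""
    try:
        return True, execute_tool_call(name, raw_args)
    except ToolCallRejected as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample tool calls, as a model might emit them.
    samples = [
        ("search_products", '{"query": "red shoes"}'),
        ("get_weather", '{"city": "Paris"}'),
        ("delete_all_users", "{}"),
        ("search_products", '{"query": "<script>"}'),
        ("get_weather", '{"city": "Paris", "units": "C"}'),
        ("get_weather", "not json"),
    ]
    for tool_name, tool_args in samples:
        print(tool_name, dispatch(tool_name, tool_args))
```

Rejections are returned as `(False, reason)` rather than swallowed so the calling loop can log them; a burst of unknown-tool or unexpected-field rejections for one session is the signal a detection engineer wants to see.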