We’ve just published a new blog post:
Libraries and system utilities form the foundations on which larger projects are built. So it’s critical to make sure they, in particular, are secure. That’s why we recently introduced five new rules for C++ and C to detect broken authentication and access control in *nix systems. The new rules fall into three categories: account validity, granting permissions, and changing directories.