SP-E-1 — Malformed S-expression input causes policy bypass
Component: Policy Engine. Mitigations: SPOCP parser is fail-closed; invalid expressions denied. Action: Fuzz-test S-expression parser for parser differentials
| Property | Value |
|---|---|
| Section | Elevation of Privilege |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-HARD-01 | Error Message Sanitization |
| SID-ACCESS-04 | SPOCP Policy-Based Query Authorization |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md