Incorrect permission assignment for critical resource
Description
The application is setting directory permissions to overly permissive values. Consider using 0700 for read/write access to the files in the directory or 0750 to allow group users to read the files contained in the directory.
Examples
Insecure Code
```go
os.Mkdir("directory", 0777)
```
Secure Code
```go
os.Mkdir("directory", 0700)
```
Remediation
Use the os.Mkdir function with the correct permission value, such as 0700 or 0750, to set the directory permissions.
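The mode passed to os.Mkdir applies only when the call actually creates the directory; a directory that already exists keeps whatever permissions it had. The following is an added example, not part of the rule's own documentation: a hypothetical helper `ensureDir` that creates the directory with the requested mode and tightens a pre-existing one, run against a constructed temporary directory.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// ensureDir is a hypothetical helper. It creates path with mode want; if the
// directory already exists it clears any permission bits beyond want.
func ensureDir(path string, want fs.FileMode) (fs.FileMode, error) {
	if err := os.Mkdir(path, want); err != nil && !os.IsExist(err) {
		return 0, err
	}
	info, err := os.Lstat(path) // Lstat does not follow a symlink at path
	if err != nil {
		return 0, err
	}
	if !info.IsDir() {
		return 0, fmt.Errorf("%s exists and is not a directory", path)
	}
	have := info.Mode().Perm()
	if have&^want == 0 {
		return have, nil // no looser than requested
	}
	return have & want, os.Chmod(path, have&want) // looser: drop the extra bits
}

// demo uses a constructed temp directory and returns the resulting modes.
func demo() (fresh, fixed fs.FileMode, err error) {
	loose, err := os.MkdirTemp("", "perm-demo")
	if err != nil {
		return
	}
	defer os.RemoveAll(loose)
	if err = os.Chmod(loose, 0777); err != nil { // simulate a world-writable leftover
		return
	}
	if fixed, err = ensureDir(loose, 0750); err != nil {
		return
	}
	fresh, err = ensureDir(filepath.Join(loose, "fresh"), 0700)
	return
}

func main() {
	fmt.Println(demo())
}
```

The helper never adds permission bits, so a directory that is already stricter than the requested mode is left as it is.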
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0781 |
| Category | AccessControl |
| Severity | MEDIUM |
| CWE | CWE-732 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | permissions, directory |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |