Overly Permissive File Permission
Description
The code sets overly permissive file permissions, potentially allowing unauthorized access to sensitive data.
Examples
Insecure Code
```scala
// Grants read, write and execute to owner, group and others
java.nio.file.Files.setPosixFilePermissions(path, java.nio.file.attribute.PosixFilePermissions.fromString("rwxrwxrwx"));
```
Secure Code
```scala
// Owner can read and write; group and others can only read
java.nio.file.Files.setPosixFilePermissions(path, java.nio.file.attribute.PosixFilePermissions.fromString("rw-r--r--"));
```
Remediation
Use more restrictive file permissions, such as removing write access for the group or others.
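The remediation above, as an added example that is not part of the original rule documentation: it reports the group/others write bits set on a file and removes them while leaving the other bits untouched. The object and method names (`TightenPermissions`, `findExcessive`, `tighten`) are hypothetical, and the code assumes Scala 2.13 or later on a file system that supports POSIX permissions.

```scala
import java.nio.file.{Files, Path}
import java.nio.file.attribute.{PosixFilePermission, PosixFilePermissions}
import scala.jdk.CollectionConverters._

// Hypothetical helper, not part of any library or of the rule itself.
object TightenPermissions {
  // Bits the remediation removes: write access for group and others.
  private val excessive: Set[PosixFilePermission] =
    Set(PosixFilePermission.GROUP_WRITE, PosixFilePermission.OTHERS_WRITE)

  /** Returns the excessive bits currently set on `path` (empty if none). */
  def findExcessive(path: Path): Set[PosixFilePermission] =
    Files.getPosixFilePermissions(path).asScala.toSet intersect excessive

  /** Removes group/others write access and returns the resulting mode string. */
  def tighten(path: Path): String = {
    val current = Files.getPosixFilePermissions(path).asScala.toSet
    val reduced = current -- excessive
    // Only touch the file when something actually has to change.
    if (reduced != current) Files.setPosixFilePermissions(path, reduced.asJava)
    PosixFilePermissions.toString(reduced.asJava)
  }

  def main(args: Array[String]): Unit = {
    // Constructed sample: a temp file deliberately set to rwxrwxrwx.
    val path = Files.createTempFile("perm-demo", ".txt")
    try {
      // Non-POSIX file systems throw UnsupportedOperationException on these
      // calls, so check for the "posix" attribute view first.
      if (!Files.getFileStore(path).supportsFileAttributeView("posix")) {
        println("POSIX permissions are not supported on this file system")
      } else {
        Files.setPosixFilePermissions(path, PosixFilePermissions.fromString("rwxrwxrwx"))
        println(s"excessive bits: ${findExcessive(path)}")
        println(s"after tighten:  ${tighten(path)}")
      }
    } finally Files.deleteIfExists(path)
  }
}
```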
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0061 |
| Category | InsecureConfig |
| Severity | HIGH |
| CWE | CWE-732 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | file permissions, posix |
| OWASP | N/A |