Overly Permissive File Permissions

Description

The application sets file permissions to overly permissive values, potentially allowing unauthorized access. Consider using restrictive permissions such as `r--` for read-only access, `w--` for write-only access, or `rw-` for read/write access to the file.

Examples

Insecure Code

java

java.nio.file.Files.setPosixFilePermissions(path, java.nio.file.attribute.PosixFilePermissions.fromString("rwxrwxrwx"));

Secure Code

java

java.nio.file.Files.setPosixFilePermissions(path, java.nio.file.attribute.PosixFilePermissions.fromString("rw-------"));

Remediation

Use the `PosixFilePermissions.fromString` method to set restrictive file permissions, such as `rw-------` for read/write access to the owner only.

Rule Details

Field	Value
ID	CODE-0718
Category	AccessControl
Severity	MEDIUM
CWE	CWE-732
Confidence	HIGH
Impact	MEDIUM
Likelihood	MEDIUM
Exploitability	MODERATE
Tags	file permissions, access control
OWASP	A5:2017-Broken Access Control, A01:2021-Broken Access Control

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Overly Permissive File Permissions

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

SAST Rules

IaC Rules

License Rules

Overly Permissive File Permissions ​

Description ​

Examples ​

Insecure Code ​

Secure Code ​

Remediation ​

Rule Details ​

Overly Permissive File Permissions

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details