Overly Permissive File Permission
Description
The code assigns overly permissive file permissions, potentially allowing unauthorized access to sensitive resources. The issue arises when a permission set passed to java.nio.file.Files.setPosixFilePermissions includes any of the PosixFilePermission.OTHERS_ constants (or a mode string such as "rwxrwxrwx" that grants the same bits), so that users other than the file owner and group can read, write, or execute the file.
Examples
Insecure Code

```scala
java.nio.file.Files.setPosixFilePermissions(path, PosixFilePermissions.fromString("rwxrwxrwx"));
```

Secure Code

```scala
java.nio.file.Files.setPosixFilePermissions(path, PosixFilePermissions.fromString("rwx------"));
```

Remediation
Assign the least permissive file permissions necessary for the application to function correctly. For example, use PosixFilePermission.OWNER_READ instead of PosixFilePermission.OTHERS_READ.
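The following Scala snippet is an added illustration written for this rule page, not code taken from the rule set or a project; it shows a small check that flags any OTHERS_ bit in a permission set, and a way to create a file with owner-only permissions at creation time so the file is never briefly exposed with a default mode before setPosixFilePermissions runs. It assumes a POSIX file system (the helper names SecretFileWriter, worldAccessible and createOwnerOnly are this example's own).

```scala
import java.nio.file.{Files, Path}
import java.nio.file.attribute.{PosixFilePermission, PosixFilePermissions}
import scala.jdk.CollectionConverters._

object SecretFileWriter {
  // The bits this rule objects to: any access granted to "others".
  private val WorldBits: Set[PosixFilePermission] = Set(
    PosixFilePermission.OTHERS_READ,
    PosixFilePermission.OTHERS_WRITE,
    PosixFilePermission.OTHERS_EXECUTE)

  // Returns the subset of `perms` that grants access to others; an empty
  // result means the set satisfies this rule.
  def worldAccessible(perms: Set[PosixFilePermission]): Set[PosixFilePermission] =
    perms.intersect(WorldBits)

  // Create the file with owner-only permissions in the same call, instead of
  // creating it first and tightening the mode afterwards. The process umask can
  // only remove bits from this set, never add them.
  def createOwnerOnly(path: Path): Path = {
    val perms = PosixFilePermissions.fromString("rw-------")
    Files.createFile(path, PosixFilePermissions.asFileAttribute(perms))
  }

  def main(args: Array[String]): Unit = {
    // Constructed demo input: a temporary directory and one file inside it.
    val tmp = Files.createTempDirectory("perm-demo")
    val file = createOwnerOnly(tmp.resolve("secret.txt"))
    val actual = Files.getPosixFilePermissions(file).asScala.toSet
    println(s"mode: ${PosixFilePermissions.toString(actual.asJava)}")
    println(s"world-accessible bits: ${worldAccessible(actual)}")

    // The insecure set from this rule's example trips the check.
    val insecure = PosixFilePermissions.fromString("rwxrwxrwx").asScala.toSet
    println(s"rwxrwxrwx violates rule: ${worldAccessible(insecure).nonEmpty}")

    Files.delete(file)
    Files.delete(tmp)
  }
}
```

Running this on a POSIX system prints a mode of rw------- with an empty world-accessible set for the created file, and reports the rwxrwxrwx set as a violation.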
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0062 |
| Category | InsecureConfig |
| Severity | MEDIUM |
| CWE | CWE-732 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | file permission, posix |
| OWASP | N/A |