Loose file permissions High

File and directory permissions should be granted to specific users and groups. Granting permissions to wildcards, such as everyone or others, can lead to privilege escalations, leakage of sensitive information, and inadvertently running malicious code.

Detector ID
java/loose-file-permissions@v1.0
Category

Noncompliant example

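import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public void grantOthersPermissionsNoncompliant(final Path p) throws Exception {
    Set<PosixFilePermission> permissions = PosixFilePermissions.fromString("------rwx");
    // Noncompliant: grants read, write, and execute permissions to others.
    Files.setPosixFilePermissions(p, permissions);
}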

Compliant example

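import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public void grantGroupPermissionsCompliant(final Path p) throws Exception {
    Set<PosixFilePermission> permissions = PosixFilePermissions.fromString("---rwx---");
    // Compliant: grants permissions to the group only; others get none.
    Files.setPosixFilePermissions(p, permissions);
}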
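
Added example (not part of the detector's documentation): one way to check existing files for the "others" bits described above and remove them, and to create a sensitive file with owner-only permissions from the start. The class and method names (PermissionHardening, looseBits, stripOthers) and the file names are hypothetical, and the code assumes a POSIX file system.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.EnumSet;
import java.util.Set;

// Hypothetical helper class, written for this example.
public class PermissionHardening {
    // The three "others" bits that make a permission set loose.
    private static final Set<PosixFilePermission> OTHERS = EnumSet.of(
            PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE,
            PosixFilePermission.OTHERS_EXECUTE);

    // Returns the "others" bits currently set on p (empty set if none).
    static Set<PosixFilePermission> looseBits(Path p) throws IOException {
        Set<PosixFilePermission> loose = EnumSet.copyOf(OTHERS);
        loose.retainAll(Files.getPosixFilePermissions(p));
        return loose;
    }

    // Removes only the "others" bits; owner and group bits are left untouched.
    static void stripOthers(Path p) throws IOException {
        Set<PosixFilePermission> perms = EnumSet.noneOf(PosixFilePermission.class);
        perms.addAll(Files.getPosixFilePermissions(p));
        perms.removeAll(OTHERS);
        Files.setPosixFilePermissions(p, perms);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample data: a temp directory with two files.
        // secret.txt is owner-only at creation time, so it is never briefly exposed.
        Path dir = Files.createTempDirectory("perm-demo");
        Path secret = Files.createFile(dir.resolve("secret.txt"),
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")));
        // loose.txt simulates a file that was given permissions for others.
        Path loose = Files.createFile(dir.resolve("loose.txt"));
        Files.setPosixFilePermissions(loose, PosixFilePermissions.fromString("rw-r--rwx"));
        for (Path p : new Path[] {secret, loose}) {
            Set<PosixFilePermission> bits = looseBits(p);
            if (!bits.isEmpty()) {
                System.out.println(p.getFileName() + " grants others: " + bits);
                stripOthers(p);
            }
            System.out.println(p.getFileName() + " -> " + PosixFilePermissions.toString(Files.getPosixFilePermissions(p)));
        }
    }
}
```

On a file system without POSIX attribute support, these calls throw UnsupportedOperationException, so such platforms need a separate ACL-based check.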