File and directory permissions should be granted to specific users and groups. Granting permissions to wildcards, such as everyone or others, can lead to privilege escalation, leakage of sensitive information, and inadvertent execution of malicious code.
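import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public void grantOthersPermissionsNoncompliant(final Path p) throws Exception {
    // "------rwx" gives read, write and execute to others.
    Set<PosixFilePermission> permissions = PosixFilePermissions.fromString("------rwx");
    // Noncompliant: Granting other permissions.
    Files.setPosixFilePermissions(p, permissions);
}

public void grantGroupPermissionsCompliant(final Path p) throws Exception {
    // "---rwx---" gives read, write and execute to the file's group only.
    Set<PosixFilePermission> permissions = PosixFilePermissions.fromString("---rwx---");
    // Compliant: Granting group permissions.
    Files.setPosixFilePermissions(p, permissions);
}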
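
The following is an added example, not part of the original page: it audits a directory tree for entries that grant any permission to others and strips only those bits. The class and method names are hypothetical, the sample file is constructed, and a POSIX file system is assumed.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Stream;

// Added example (hypothetical names): find and revoke "others" permission bits.
public class OthersPermissionAudit {
    private static final Set<PosixFilePermission> OTHERS = EnumSet.of(
            PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE,
            PosixFilePermission.OTHERS_EXECUTE);

    // Returns every path under root that grants at least one permission to others.
    static List<Path> findOthersAccessible(Path root) throws IOException {
        List<Path> flagged = new ArrayList<>();
        try (Stream<Path> paths = Files.walk(root)) {
            for (Path p : (Iterable<Path>) paths::iterator) {
                if (Files.isSymbolicLink(p)) continue; // the link target may lie outside root
                Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p);
                if (perms.stream().anyMatch(OTHERS::contains)) flagged.add(p);
            }
        }
        return flagged;
    }

    // Removes only the others bits; owner and group bits are left unchanged.
    static void revokeOthers(Path p) throws IOException {
        Set<PosixFilePermission> perms = new HashSet<>(Files.getPosixFilePermissions(p));
        if (perms.removeAll(OTHERS)) Files.setPosixFilePermissions(p, perms);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temp directory holding one file writable by others.
        Path dir = Files.createTempDirectory("perm-audit");
        Path f = Files.createFile(dir.resolve("report.txt"));
        Files.setPosixFilePermissions(f, PosixFilePermissions.fromString("rw-r--rw-"));
        for (Path p : findOthersAccessible(dir)) {
            System.out.println("others-accessible: " + p + " "
                    + PosixFilePermissions.toString(Files.getPosixFilePermissions(p)));
            revokeOthers(p);
        }
        System.out.println("still flagged: " + findOthersAccessible(dir).size());
    }
}
```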