Do not give write access to others

Documentos > Code Analysis > Static Analysis Rules > Do not give write access to others

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Metadata

ID: java-security/files-permissions

Language: Java

Severity: Warning

Category: Security

CWE: 732

Description

Never give write access to other users.

Learn More

Non-Compliant Code Examples

class Main {
    public test() {
            Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>();
            perms.add(PosixFilePermission.OWNER_READ);
            perms.add(PosixFilePermission.OWNER_WRITE);
            perms.add(PosixFilePermission.OWNER_EXECUTE);
            perms.add(PosixFilePermission.GROUP_READ);
            perms.add(PosixFilePermission.GROUP_EXECUTE);
            perms.add(PosixFilePermission.OTHERS_READ);
            perms.add(PosixFilePermission.OTHERS_EXECUTE);
    }
}

class Main {
    public static void main(String[] args) {
        Files.setPosixFilePermissions("file", PosixFilePermissions.fromString("rw-rw-rw-"));
    }
}

Compliant Code Examples

class Main {
    public static void main(String[] args) {
        Files.setPosixFilePermissions("file", PosixFilePermissions.fromString("rw-rw-r--"));
    }
}