Do not give 777 permissions to a file

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Metadata

ID: javascript-node-security/chmod-permissions

Language: JavaScript

Severity: Warning

Category: Security

CWE: 732

Description

Always make sure you restrict permissions of your application files. Application files should not allow write and execution for other users as it may leak data and information. Always restrict the number of users and applications that can access your application data.

Non-Compliant Code Examples

const fs = require('fs');
const fsPromises = fs.promises;

fs.chmodSync("/tmp/myfile", 0o777);
fsPromises.chmod("/tmp/fsPromises", 0o777);

Compliant Code Examples

const fs = require('fs');
const fsPromises = fs.promises;

fs.chmodSync(myPath, 0o770);
fsPromises.chmod("/tmp/fsPromises", 0o770);
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

PREVIEWING: safchain/fix-custom-agent