Excessive file permissions indicate security risks and may lead to vulnerabilities.
The analyzer checks the following system calls for excessive permissions: open
, creat
, openat
, chmod
, fchmod
, fchmodat
, mkdir
, mkdirat
, mkfifo
, mkfifoat
, mknod
, mknodat
, mq_open
, and sem_open
.
The example:
void foo(int param) { int perms = 0777; int fd = open("/path/to/file", O_CREAT | O_RDONLY, perms); if (fd < 0) return; // some work close(fd); }
The code uses the open
system call to open a file and process the information it contains. If the file does not exist, it will be created via the O_CREAT
flag in the second argument and have permissions specified by the number in the third argument. In this case, the 0777
mask allows any user to read, write, or execute this file, which can lead to vulnerabilities.
To fix the error, modify the permission mask:
void foo(int param) { int perms = 0644; int fd = open("/path/to/file", O_CREAT | O_RDONLY, perms); if (fd < 0) return; // some work close(fd); }
This diagnostic is classified as: