Skip to end of metadata
Go to start of metadata
This rule was developed in part by Emma Krummenacher at the October 20-22, 2017 OurCS Workshop (http://www.cs.cmu.edu/ourcs/register.html).
For more information about this statement, see the About the OurCS Workshop page.

Under Construction

This guideline is under construction. 

 

The use of constants MODE_WORLD_READABLE and MODE_WORLD_WRITABLE is very dangerous and can cause security holes in applications.  Applications should use more formal mechanisms for interactions and communicating amongst each other.  These mechanisms include ContentProvider, BroadcastReceiver, and Service. 

  • ContentProvider: provides content to applications; used to share data amongst multiple applications
  • BroadcastReceiver: Broadcasts are sent when an event of interest occurs; applications may register to receive certain broadcasts; used as a messaging system amongst applications
  • Service: allows application to tell the system what it wants to do in the background and exposes some of its functionality to other applications 

Noncompliant Code Example

This noncompliant code example shows an application that uses MODE_WORLD_READABLE to share files between applications.

String FILENAME = "example_file";
String string = "hello world!";

FileOutputStream outputStream = openFileOutput(FILENAME, Context.MODE_WORLD_READABLE);
fos.write(string.getBytes());
fos.close();

Using the constant MODE_WORLD_READABLE allows other applications to read the file using the shared preference API.  This is likely to cause security holes and is strongly discouraged.

 

This noncompliant code example shows an application that uses MODE_WORLD_WRITABLE to share files between applications.

String FILENAME = "example_file";
String string = "hello world!";

FileOutputStream outputStream = openFileOutput(FILENAME, Context.MODE_WORLD_WRITABLE);
fos.write(string.getBytes());
fos.close();

Using the constant MODE_WORLD_WRITABLE allows other applications to read the file using the shared preference API.  This is likely to cause security holes and is strongly discouraged.  

Compliant Solution

In this compliant solution ...:

TBD

Exceptions

The constants MODE_WORLD_READABLE and MODE_WORLD_WRITABLE have been deprecated since API level 17. Starting from Android 7.0 (API level 24) their use will result in a SecurityException to be thrown.

Risk Assessment

Summary of risk assessment.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

TBD

 

 

 

 

 

Automated Detection

Tool

Version

Checker

Description

TBD 


 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Fill in the table below with at least one entry row, per these instructions, then remove this purple-font section.

 TBD (e.g., MITRE CWE) 

Bibliography