SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 42

changes.mady.by.user Yozo TODA

Saved on

compared with

New Version 43

changes.mady.by.user Yozo TODA

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#FFCCCC
Writer out = new FileWriter("file");

Compliant Solution (Java 1.6 and Earlier)

Java 1.6 and earlier provide no mechanism for specifying default permissions upon file creation. Consequently, the problem must be avoided or solved using some mechanism external to Java, such as by using native code and JNI.

...

CERT C++ Secure Coding Standard

FIO06-CPP. Create files with appropriate access permissions

CERT C Secure Coding Standard

FIO06-C. Create files with appropriate access permissions

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="11fb51978acf1c06-a9113ded-4b1f4f28-8d599a76-cd64d517ec6e1abc68816f3a"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Missing or Inconsistent Access Control [XZN]"

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE-279. Incorrect Execution-Assigned Permissions

 

CWE-276. Incorrect Default Permissions

 

CWE-732. Incorrect Permission Assignment for Critical Resource

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e7fbc38de62a3339-ecbfa283-43a44012-9c0d8a89-5cefb1e48ced333f4654797d"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ac16f02688a976bb-0eb31c4b-4360430b-835bb248-5c310ec70660f7bc12fad7b1"><ac:plain-text-body><![CDATA[

[[CVE

AA. Bibliography#CVE]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0836c1e21baad971-a4a76dcc-4935480c-80c8aef9-f91ff433efce22007f799d58"><ac:plain-text-body><![CDATA[

[[Dowd 2006

AA. Bibliography#Dowd 06]]

Chapter 9, "UNIX 1: Privileges and Files"

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3713cce443f25830-e9868cd2-46034ebc-8688b3bb-07ff25352c8d394884eb2019"><ac:plain-text-body><![CDATA[

[[J2SE 2011

AA. Bibliography#J2SE 11]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ada70d5a23a66978-f5e679e6-478b4f36-a9e0af7b-ca134d680321386673345a3e"><ac:plain-text-body><![CDATA[

[[OpenBSD

AA. Bibliography#OpenBSD]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="40a89a6cfd1815d6-442ef9a4-48d5424d-823ca0b0-07044cf7544e651457e62e96"><ac:plain-text-body><![CDATA[

[[Open Group 2004

AA. Bibliography#Open Group 04]]

"The open function," and "The umask function"

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2991d4dd2352b1b9-b167251c-43b044a1-b9988f86-abcde1bba97a04884cd3fcf2"><ac:plain-text-body><![CDATA[

[[Viega 2003

AA. Bibliography#Viega 03]]

Section 2.7, "Restricting Access Permissions for New Files on UNIX"

]]></ac:plain-text-body></ac:structured-macro>

...