SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 16

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 17

changes.mady.by.user Tracey Tamules

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

FIO03-J

medium

probable

high

P4

L3

Automated Detection

TODO

Related Guidelines

CERT C++ Secure Coding Standard

...

FIO06-CPP. Create files with appropriate access permissions

CERT C Secure Coding Standard

...

FIO06-C. Create files with appropriate access permissions

MITRE CWE

...

CWE-279, "Incorrect Execution-Assigned Permissions"

...

 

CWE-276, "Incorrect Default Permissions"

...

 

CWE-732, "Incorrect Permission Assignment for Critical Resource"

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup

...

" ac:schema-version="1" ac:macro-id="e03d6809-df66-4c90-8f70-53652dbd9423"><ac:plain-text-body><![CDATA[

[[API

...

2006

...

AA.

...

Bibliography#API

...

06]

...

]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4ae45ed2-928d-45bd-a499-7ec58dfc13f3"><ac:plain-text-body><![CDATA[

[[CVE

AA. Bibliography#CVE]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aa3691b4-f0be-4857-92fc-a1fa480d9d2a"><ac:plain-text-body><![CDATA[

[[J2SE 2011

AA. Bibliography#J2SE 11]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="50457f78-e991-4aa7-9cbe-0357187a342f"><ac:plain-text-body><![CDATA[

[[OpenBSD

AA. Bibliography#OpenBSD]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cf54051b-9e41-4f07-8a56-42803d8e2434"><ac:plain-text-body><![CDATA[

[[Open Group 2004

AA. Bibliography#Open Group 04]]

"The open function," and "The umask function"

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="58d70613-a557-44d4-8c2b-76b1a408c9ea"><ac:plain-text-body><![CDATA[

[[Viega 2003

AA. Bibliography#Viega 03]]

Section 2.7, "Restricting Access Permissions for New Files on UNIX"

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="257ceddb-8ab3-48db-86aa-2f2ea49d197b"><ac:plain-text-body><![CDATA[

[[Dowd 2006

AA. Bibliography#Dowd 06]]

Chapter 9, "UNIX 1: Privileges and Files"

]]></ac:plain-text-body></ac:structured-macro>

...

FIO02-J. Do not assume that read() has filled all the elements of an array      12. Input Output (FIO)      FIO04-J. Do not open non-regular files when accessing regular files