...
Java 1.6 and earlier lack a mechanism for specifying default permissions upon file creation. Consequently, the problem must be avoided or solved using some mechanism external to Java, such as by using native code and the Java Native Interface (JNI).
Compliant Solution (
...
POSIX)
The I/O facility java.nio
, introduced in Java SE 7, provides classes for managing file access permissions. Additionally, many of the methods and constructors that create files accept an argument allowing the program to specify the initial file permissions.
...
Code Block | ||
---|---|---|
| ||
Path file = new File("file").toPath(); // Throw exception rather than overwrite existing file Set<OpenOption> options = new HashSet<OpenOption>(); options.add(StandardOpenOption.CREATE_NEW); options.add(StandardOpenOption.APPEND); // File permissions should be such that only user may read/write file Set<PosixFilePermission> perms = PosixFilePermissions.fromString("rw-------"); FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms); try (SeekableByteChannel sbc = Files.newByteChannel(file, options, attr)) { // Write data }; |
Exceptions
FIO01-J-EX0: When a file is created inside a directory that is both secure and unreadable by untrusted users, that file may be created with the default access permissions. This could be the case if, for example, the entire file system is trusted or is accessible only to trusted users (see rule FIO00-J. Do not operate on files in shared directories for the definition of a secure directory).
FIO01-J-EX1: Files that do not contain privileged information need not be created with specific access permissions.
...
If files are created without appropriate permissions, an attacker may read or write to the files, possibly resulting in compromised system integrity and information disclosure.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
FIO01-J | Medium | Probable | High | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
CodeSonar |
| JAVA.IO.PERM.ACCESS | Accessing File in Permissive Mode (Java) |
Related Guidelines
VOID FIO06-CPP. Create files with appropriate access permissions | |
Missing or Inconsistent Access Control [XZN] | |
CWE-279, Incorrect Execution-Assigned Permissions |
Android Implementation Details
Creating files with weak permissions may allow malicious applications to access the files.
Bibliography
[API 2014] |
[CVE] |
Chapter 9, "UNIX 1: Privileges and Files" | |
[OpenBSD] |
"The | |
Section 2.7, "Restricting Access Permissions for New Files on UNIX" |
...