CWE Rule 732

This issue occurs when functions that can change resource permissions, such as chmod, umask, creat, or open, specify permissions that allow unintended actors to modify or read the resource.

If you give outside users or outside groups a wider range or permissions than required, you potentially expose your sensitive information and your modifications. This defect is especially dangerous for permissions related to:

Set your permissions so that the user (u) has more permissions than the group (g), and so the group has more permissions than other users (o), or u >= g >= o.

#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

void bug_dangerouspermissions(const char * log_path) {
    mode_t mode = S_IROTH | S_IXOTH | S_IWOTH;
    int fd = creat(log_path, mode);  //Noncompliant

    if (fd) {
        write(fd, "Hello\n", 6);
    }
    close(fd);
    unlink(log_path);
}

In this example, the log_path file is created with more rights for the other outside users, than the current user. The permissions are ---------rwx.

One possible correction is to modify the user permissions for the file. In this correction, the user has read/write/execute permissions, but other users do not.

#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

void corrected_dangerouspermissions(const char * log_path) {
    mode_t mode = S_IRUSR | S_IXUSR | S_IWUSR;
    int fd = creat(log_path, mode);

    if (fd) {
        write(fd, "Hello\n", 6);
    }
    close(fd);
    unlink(log_path);
}