Vulnerable permission assignments

Argument gives read/write/search permissions to external users

Description

This defect occurs when functions that can change resource permissions, such as chmod, umask, creat, or open, specify permissions that allow unintended actors to modify or read the resource.

Risk

If you give outside users or outside groups a wider range or permissions than required, you potentially expose your sensitive information and your modifications. This defect is especially dangerous for permissions related to:

Program configurations
Program executions
Sensitive user data

Fix

Set your permissions so that the user (u) has more permissions than the group (g), and so the group has more permissions than other users (o), or u >= g >= o.

Examples

expand all

Create File with Other Permissions

#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

void bug_dangerouspermissions(const char * log_path) {
    mode_t mode = S_IROTH | S_IXOTH | S_IWOTH;
    int fd = creat(log_path, mode); 

    if (fd) {
        write(fd, "Hello\n", 6);
    }
    close(fd);
    unlink(log_path);
}

In this example, the log_path file is created with more rights for the other outside users, than the current user. The permissions are ---------rwx.

Correction — Modify User Permissions

One possible correction is to modify the user permissions for the file. In this correction, the user has read/write/execute permissions, but other users do not.

#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

void corrected_dangerouspermissions(const char * log_path) {
    mode_t mode = S_IRUSR | S_IXUSR | S_IWUSR;
    int fd = creat(log_path, mode);

    if (fd) {
        write(fd, "Hello\n", 6);
    }
    close(fd);
    unlink(log_path);
}

Result Information

Group: Security

Language: C | C++

Default: Off

Command-Line Syntax: DANGEROUS_PERMISSIONS

Impact: Medium

Version History

Introduced in R2015b