Rust

Made by DeepSource

File or directory created with insecure permissions RS-A1001

Security
Critical
a01 cwe-276 sans top 25 owasp top 10

Excessive permissions are granted to a file or directory. This issue is raised when a permission mode greater than 0o755 is given.

The permission mode can be a 3- or 4-digit octal number. The three rightmost digits represent the permissions of the owner, group and others, respectively. Each digit is the sum of its component bits:

  • r (read) bit = 4
  • w (write) bit = 2
  • x (execute) bit = 1
  • no permissions = 0

For example, to give full permissions to a file owner and read permissions to the group and all other users, use 0744.

Bad practice

use std::fs::DirBuilder;
use std::os::unix::fs::DirBuilderExt;

let mut builder = DirBuilder::new();
// 0o777 = rwxrwxrwx: group and others can also write to the directory.
builder.mode(0o777);

Recommended

use std::fs::DirBuilder;
use std::os::unix::fs::DirBuilderExt;

let mut builder = DirBuilder::new();
// 0o755 = rwxr-xr-x: only the owner can write; group and others can read and traverse.
builder.mode(0o755);
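
The following is an added example, not code from DeepSource or the original page: it decodes a mode into its owner/group/others components, refuses to create a directory whose mode grants bits beyond 0o755, and reads back the mode the filesystem actually recorded. The helper names, the bitwise interpretation of "greater than 0o755" and the temp-directory path are assumptions of this example.

```rust
use std::fs::{self, DirBuilder};
use std::io;
use std::os::unix::fs::{DirBuilderExt, PermissionsExt};
use std::path::Path;

/// Render the three rightmost octal digits as an `ls`-style string.
fn symbolic(mode: u32) -> String {
    let mut out = String::with_capacity(9);
    for shift in [6, 3, 0] {
        let digit = (mode >> shift) & 0o7;
        out.push(if digit & 4 != 0 { 'r' } else { '-' });
        out.push(if digit & 2 != 0 { 'w' } else { '-' });
        out.push(if digit & 1 != 0 { 'x' } else { '-' });
    }
    out
}

/// Permission bits that `mode` grants beyond 0o755, i.e. group/other write.
/// Bitwise check: an assumption of this example, not the analyzer's logic.
fn excess_bits(mode: u32) -> u32 {
    mode & 0o777 & !0o755
}

/// Create `path` with `mode`, refusing modes that exceed 0o755, and
/// return the mode the filesystem recorded (the process umask is applied).
fn create_dir_checked(path: &Path, mode: u32) -> io::Result<u32> {
    if excess_bits(mode) != 0 {
        let msg = format!("mode {:o} ({}) is too permissive", mode, symbolic(mode));
        return Err(io::Error::new(io::ErrorKind::InvalidInput, msg));
    }
    DirBuilder::new().mode(mode).create(path)?;
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

fn main() -> io::Result<()> {
    // Constructed sample path under the system temp directory.
    let dir = std::env::temp_dir().join(format!("rs-a1001-demo-{}", std::process::id()));
    println!("0o744 = {}", symbolic(0o744));
    // 0o577 is numerically below 0o755 but still grants group/other write.
    println!("0o577 excess bits = {:o}", excess_bits(0o577));
    println!("0o777 rejected: {}", create_dir_checked(&dir, 0o777).is_err());
    let actual = create_dir_checked(&dir, 0o755)?;
    println!("created with {:o} ({})", actual, symbolic(actual));
    fs::remove_dir(&dir)
}
```

The mode read back can be stricter than the one requested, because the process umask clears bits at creation time; it never adds any.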
