Access rule specifies broad permissions
9 {
10 // CS-S1000: Broad permissions granted.
11 // https://deepsource.io/directory/analyzers/csharp/issues/CS-S1000
12 var accessRule = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow);13
14 // CS-A1008: Insecurely generated random number.
15 // https://deepsource.io/directory/analyzers/csharp/issues/CS-A1008
Description
It is always recommended that you grant only the minimum required permissions to the necessary user accounts rather than providing complete control to everyone. Giving full control may lead to unintended access that may put your organization and any potentially sensitive information at risk. Consider limiting the scope of the permissions.
Bad Practice
new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow)
Recommended
new FileSystemAccessRule(userAccount, FileSystemRights.Read, AccessControlType.Allow)