Expect directory permissions to be 0750 or less
198func (fs *filesystem) initRawVolume(handle string) (*initVolume, error) {
199 volumePath := fs.initVolumePath(handle)
200
201 err := os.Mkdir(volumePath, 0755)202 if err != nil {
203 return nil, err
204 }
Expect directory permissions to be 0750 or less
85 return nil, err
86 }
87
88 err = os.MkdirAll(deadDir, 0755) 89 if err != nil {
90 return nil, err
91 }
Expect directory permissions to be 0750 or less
80 return nil, err
81 }
82
83 err = os.MkdirAll(liveDir, 0755) 84 if err != nil {
85 return nil, err
86 }
Expect directory permissions to be 0750 or less
75 liveDir := filepath.Join(parentDir, liveDirname)
76 deadDir := filepath.Join(parentDir, deadDirname)
77
78 err := os.MkdirAll(initDir, 0755) 79 if err != nil {
80 return nil, err
81 }
Description
Excessive permissions granted when creating a directory. This warning is
triggered whenever permission greater than 0750
is given.
In general, all security rules follow the principle of least privilege, except when the created directory needs to be accessed by anyone other than the user creating it.
Bad practice
package main
import (
"fmt"
"os"
)
func main() {
err := os.Mkdir("/tmp/mydir", 0777)
if err != nil {
fmt.Println("Error when creating a directory!")
return
}
}
Recommended
package main
import (
"fmt"
"os"
)
func main() {
err := os.Mkdir("/tmp/mydir", 0600)
if err != nil {
fmt.Println("Error when creating a directory!")
return
}
}