Expect file permissions to be 0600 or less
75 path := filepath.Join(dir, "file")
76 defer os.RemoveAll(dir)
77
78 defer os.Chmod(path, 0666) 79
80 fd, err := os.Create(path)
81 if err != nil {
Expect file permissions to be 0600 or less
42 }
43 fd.Close()
44
45 if err := os.Chmod(path, 0666); err != nil { 46 t.Error(err)
47 }
48
Expect file permissions to be 0600 or less
34 path := filepath.Join(dir, "file")
35 defer os.RemoveAll(dir)
36
37 defer os.Chmod(path, 0666) 38
39 fd, err := os.Create(path)
40 if err != nil {
Expect file permissions to be 0600 or less
252 if err != nil {
253 return nil, err
254 }
255 fd, err := os.OpenFile(name, OptReadOnly, 0777)256 if err != nil {
257 return nil, err
258 }
Description
Excessive permissions granted to a file/directory. This warning is triggered whenever permission greater than 0600 is granted.
Generally, all security rules follow the principle of least privilege, except when the file being created needs to be accessed by anyone other than the user creating it.
Bad practice
package main
import (
"fmt"
"os"
)
func main() {
err := os.Chmod("/tmp/somefile", 0777)
if err != nil {
fmt.Println("Error when changing file permissions!")
return
}
}
Recommended
package main
import (
"fmt"
"os"
)
func main() {
err := os.Chmod("/tmp/mydir", 0400)
if err != nil {
fmt.Println("Error")
return
}
}