SV.PERMS.HOME

File created in user home directory without setting correct permissions

Klocwork reports an SV.PERMS.HOME defect when a new file or directory is created in a user home directory without setting the correct permissions.

Vulnerability and risk

Files on multiuser systems are generally owned by a particular user. The owner of the file can specify which other users on the system should be allowed to access the contents of these files. When a resource is given a permissions setting that provides access to a wider range of actors than required, it could lead to the exposure of sensitive information, or to the modification of that resource, such as files or folders inside user home directory, by unintended parties.

Mitigation and prevention

This issue can be prevented if permissions are set by using the following methods:
  • setReadable(boolean readable, boolean ownerOnly)
  • setWritable(boolean writable, boolean ownerOnly)
  • setExecutable(boolean executable, boolean ownerOnly)

For more information, see https://docs.oracle.com/javase/7/docs/api/java/io/File.html.

Alternatively, Java SE 7 has the java.nio.file.attribute.PosixFileAttributes that provide fine-grained control over read, write, and execute permissions for owners, groups, and others. For more information, see https://docs.oracle.com/javase/tutorial/essential/io/fileAttr.html.

Vulnerable code example 1

Copy
   import java.io.*;
   class FileUserDir{
    public static void main(String args[]){
     try{
      File file = new File("/home/ubuntu/test/user.txt");
      file.createNewFile();
      } catch(IOException e){
     }
    }
  }

In this example, Klocwork reports an SV.PERMS.HOME defect because the file "user.txt" is created in the user home directory "/home/ubuntu" without setting correct permissions.

Fixed code example 1

Copy
   import java.io.*;
   class FileUserDir{
    public static void main(String args[]){
     try{
      File file = new File("/home/ubuntu/test/user.txt");
      file.setWritable(true, true);
      file.createNewFile();
     } catch(IOException e){
     }
   }
  }

In this example, Klocwork no longer reports a defect because file permissions were set on line 6 by "setWriteable".

Vulnerable code example 2

Copy
   import java.nio.file.*;
   import java.nio.file.attribute.*;
   import java.util.Set;
   import java.io.*;
   public class FilePosix {
    public static void main(String[] args) throws IOException {
     Path path = Paths.get("/home/ubuntu/test/posix-file.txt");
     if (!Files.exists(path)) Files.createFile(path);
    }
  }

Klocwork reports an SV.PERMS.HOME defect because the file posix-file.txt is created in the user home directory "/home/ubuntu" on line 7 without setting correct permissions.

Fixed code example 2

Copy
 import java.nio.file.*;
 import java.nio.file.attribute.*;
 import java.util.Set;
 import java.io.*;
 public class FilePosix{
     public static void main(String[] args) throws IOException {
         Path path = Paths.get(System.getProperty("user.home") + File.separator + "test.file");
         Set<PosixFilePermission> perms = Files.readAttributes(path,PosixFileAttributes.class).permissions();
         perms.add(PosixFilePermission.OWNER_WRITE);
        perms.add(PosixFilePermission.OWNER_READ);
        perms.add(PosixFilePermission.OWNER_EXECUTE);
        Files.setPosixFilePermissions(path, perms);
        if (!Files.exists(path)) Files.createFile(path);
    }
 } 

In this example, Klocwork no longer reports a defect because java.nio.file.attribute.PosixFileAttributes is in charge of setting the file permissions.

Related checkers

Security training

Application security training materials provided by Secure Code Warrior.