• Home
• io.codemodder
• core-codemods
• 0.93.1
• source code
• report.json

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.SemgrepOverlyPermissiveFilePermissionsCodemod.report.json Maven / Gradle / Ivy

{
  "summary" : "Fixed overly permissive file permissions (issue discovered by Semgrep)",
  "change" : "Reduced permissions to disable world read/write/execute privileges",
  "reviewGuidanceJustification": "Although there is very little reason to limiting the file permissions as stated would have any effect, it conceivable that the weak permissions are incidentally taken advantage of during pre-production development practices or through file aggregation tools (e.g., Splunk.)",
  "references" : [
    "https://find-sec-bugs.github.io/bugs.htm#OVERLY_PERMISSIVE_FILE_PERMISSION",
    "https://registry.semgrep.dev/rule/java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission",
    "https://cwe.mitre.org/data/definitions/732.html"
  ]
}