Details
Description
General
- If the mode cannot be resolved statically (for example it is a variable, a function result or a computed expression), no issue should be raised.
chmod, lchmod, fchmod
If stat constants are used, the rule should raise when one of the following (each of which grants a permission to "others") is present:
- stat.S_IRWXO
- stat.S_IROTH
- stat.S_IWOTH
- stat.S_IXOTH
If the mode is a numeric literal, the rule should raise when its value modulo 8 is not zero (mode % 8 != 0): the three lowest bits of a POSIX mode are the "other" permission bits, so a non-zero remainder means at least one of them is set. People normally write the mode in octal, but this is not required; the check is on the value, so 511 (which is 0o777) and 750 (which is 0o1356) are both sensitive.
Noncompliant Code Example
os.chmod("foo", 0o777)  # Sensitive
os.chmod("foo", 0o007)  # Sensitive
os.chmod("foo", 511)  # Sensitive
os.chmod("foo", 750)  # Sensitive
os.lchmod("foo", 0o777)  # Sensitive
os.fchmod(fd, 0o777)  # Sensitive
Compliant Code Example
os.chmod("foo", 0)  # Compliant
os.chmod("foo", 0o750)  # Compliant
os.lchmod("foo", 0o770)  # Compliant
os.fchmod(fd, 0o770)  # Compliant
os.chmod("foo", mode)  # Compliant (unknown)
umask
Should raise when the mask value modulo 8 is not seven (mask % 8 != 7). A umask clears the bits that are set in it from every file created afterwards, so only a mask whose three lowest bits are all set (0o007 or more) guarantees that newly created files grant nothing to "others". People normally write the mask in octal, but this is not required; the check is on the value.
Noncompliant Code Example
os.umask(0)  # Sensitive
os.umask(0o750)  # Sensitive
Compliant Code Example
os.umask(0o777)  # Compliant
os.umask(0o007)  # Compliant
os.umask(mask)  # Compliant (unknown)
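The chmod/lchmod/fchmod and umask checks above can be implemented together as a small static analyser over the Python AST. The following is an added example written for this page, not SonarSource's implementation of RSPEC-2612: it resolves the mode or mask argument when it is an int literal, a stat constant, or a bitwise OR of those, applies the mode % 8 != 0 and mask % 8 != 7 rules, and stays silent when the argument cannot be resolved. Resolving the stat constants to their numeric values makes the constant case fall out of the same modulo check (stat.S_IRWXO, S_IROTH, S_IWOTH and S_IXOTH are exactly the values with a non-zero low three bits), and it also handles mixed forms such as 0o750 | stat.S_IROTH. The function names and the SAMPLE source are assumptions made for the example; only calls written as os.<name>(...) are matched, so a bare chmod(...) after from os import chmod is not reported.

```python
import ast
import stat

MODE_FUNCS = {"chmod", "lchmod", "fchmod"}


def _resolve(node):
    """Statically evaluate a mode/mask expression to an int, or return None
    when it cannot be resolved (variable, call, unknown attribute, ...)."""
    if isinstance(node, ast.Constant) and type(node.value) is int:
        return node.value
    if (isinstance(node, ast.Attribute) and isinstance(node.value, ast.Name)
            and node.value.id == "stat"):
        value = getattr(stat, node.attr, None)           # stat.S_IROTH etc.
        return value if isinstance(value, int) else None
    if isinstance(node, ast.Name) and node.id.startswith("S_I"):
        value = getattr(stat, node.id, None)             # from stat import S_IROTH
        return value if isinstance(value, int) else None
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.BitOr):
        left, right = _resolve(node.left), _resolve(node.right)
        return None if left is None or right is None else left | right
    return None                                          # unknown: raise nothing


def resolve_mode(expression):
    """Resolve a mode expression given as source text, e.g. 'stat.S_IRWXU | stat.S_IROTH'."""
    return _resolve(ast.parse(expression, mode="eval").body)


def _os_call_name(call):
    """Return 'chmod', 'umask', ... for a call written as os.<name>(...), else None."""
    func = call.func
    if (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
            and func.value.id == "os"):
        return func.attr
    return None


def _argument(call, index, keyword):
    """Fetch a positional argument, or its keyword form (mode=...), or None."""
    if len(call.args) > index:
        return call.args[index]
    for kw in call.keywords:
        if keyword and kw.arg == keyword:
            return kw.value
    return None


def find_loose_permissions(source):
    """Scan Python source and return sorted (line, message) findings for
    os.chmod/lchmod/fchmod modes that grant anything to 'others' and for
    os.umask masks that leave any 'other' bit unmasked."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _os_call_name(node)
        if name in MODE_FUNCS:
            mode = _resolve(_argument(node, 1, "mode"))
            # mode % 8 != 0  <=>  at least one of the low three ("other") bits is set
            if mode is not None and mode % 8 != 0:
                findings.append((node.lineno, f"os.{name} mode {mode:#o} grants access to others"))
        elif name == "umask":
            mask = _resolve(_argument(node, 0, None))    # os.umask takes mask positionally
            # mask % 8 != 7  <=>  at least one "other" bit is not cleared by the mask
            if mask is not None and mask % 8 != 7:
                findings.append((node.lineno, f"os.umask mask {mask:#o} leaves 'other' bits unmasked"))
    return sorted(findings)


# Constructed sample input for the example (parsed, never executed; fd/mode/mask are unbound).
SAMPLE = """\
import os, stat
os.chmod("foo", 0o777)                        # sensitive
os.chmod("foo", 0o007)                        # sensitive
os.chmod("foo", 511)                          # sensitive: 511 == 0o777
os.chmod("foo", 750)                          # sensitive: decimal 750 == 0o1356
os.chmod("foo", stat.S_IRWXU | stat.S_IROTH)  # sensitive: constant form, 0o704
os.lchmod("foo", 0o777)                       # sensitive
os.fchmod(fd, 0o777)                          # sensitive
os.chmod(path="foo", mode=0o666)              # sensitive: keyword form
os.chmod("foo", 0)                            # compliant
os.chmod("foo", 0o750)                        # compliant
os.chmod("foo", stat.S_IRWXU | stat.S_IRGRP)  # compliant: 0o740
os.chmod("foo", mode)                         # compliant: cannot be resolved
os.umask(0)                                   # sensitive
os.umask(0o750)                               # sensitive: 'other' bits not masked
os.umask(0o777)                               # compliant
os.umask(0o007)                               # compliant
os.umask(mask)                                # compliant: cannot be resolved
"""

if __name__ == "__main__":
    for line, message in find_loose_permissions(SAMPLE):
        print(f"line {line}: {message}")
```

Running the module reports lines 2 to 9, 14 and 15 of SAMPLE and nothing for the compliant or unresolved calls. The analyser deliberately does no constant propagation beyond the argument expression itself; a mode stored in a variable first is treated as unresolved, matching the "no issue if the mode cannot be resolved" requirement rather than guessing.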
Code samples: https://github.com/SonarSource/security-expected-issues/tree/master/python/rules/hotspots/RSPEC-2612
Issue Links
- implements RSPEC-2612 Setting loose POSIX file permissions is security-sensitive (Active)