Incorrect Default Permissions
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-276: Incorrect Default Permissions |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The code sets overly permissive file permissions (e.g., allowing write or execute access for group or others), which can let unintended users read or modify sensitive files. Safer defaults like 0o644 restrict write access to the file owner only.
Impact#
If exploited, unauthorized users on the system could read, change, or even execute files they shouldn’t have access to. This could lead to information leaks, data tampering, or running malicious code, potentially compromising application integrity or user data.