Files should be created with appropriate access permissions. Creating a file with insufficient file access permissions may allow unintended access to program-critical files. File permissions are heavily dependent on the underlying operating system. This recommendation offers three examples of how to specify access permissions for newly created files using standard C, Win32Windows API, and POSIX functions.
Non-compliant Code Example 1
...
| Code Block | ||
|---|---|---|
| ||
...
int fd = open(file_name, O_CREAT | O_WRONLY, file_access_permissions);
if (fd == -1){
/* Handle Error */
}
...
|
Non-compliant Code Example 3 (
...
Windows)
Compliant Solution 3 (
...
Windows)
Risk Assessment
Creating files without appropriate access permissions may allow unintended access to those files.
...