Page History

...

char *file_name;
FILE *fp;

/* initializeInitialize file_name */

fp = fopen(file_name, "w");
if (!fp){
  /* Handle error */
}

...

The C11 Annex K function fopen_s() can be used to create a file with restricted permissions [ISO/IEC 9899:2011]:

If the file is being created, and the first character of the mode string is not 'u', to the extent that the underlying system supports it, the file shall have a file permission that prevents other users on the system from accessing the file. If the file is being created and the first character of the mode string is 'u', then by the time the file has been closed, it shall have the system default file access permissions.

The u character can be thought of as standing for "umask," meaning that these are the same permissions that the file would have been created with had it been created by fopen(). In this compliant solution, the u mode character is omitted so that the file is opened with restricted privileges (regardless of the umask):

...

On Windows, fopen_s() will create the file with security permissions based on the user executing the application.   For more controlled permission schemes, consider using the CreateFile() function , and specifying the SECURITY_ATTRIBUTES parameter.

...

Using the POSIX open() function to create a file but failing to provide access permissions for that file may cause the file to be created with overly permissive access permissions. This omission has been known to lead to vulnerabilities—for vulnerabilities—for example, CVE-2006-1174.

char *file_name;
int fd;

/* initializeInitialize file_name */

fd = open(file_name, O_CREAT | O_WRONLY);
/* accessAccess permissions were missing */

if (fd == -1){
  /* Handle error */
}

...

Automated Detection

...

...

...