Creating a file with overly permissive access permissions may allow an unprivileged user to access that file. Although access permissions are heavily dependent on the file system, many file-creation functions provide mechanisms to set (or at least influence) access permissions. When these functions are used to create files, appropriate access permissions should be specified to prevent unintended access.
When setting access permissions, it is important to make sure that an attacker is not able to alter them (see FIO17-A. Ensure that file operations are performed in a secure directory).
Non-Compliant Code Example: fopen()
...