Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT Oracle Coding Standard for Java
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT Oracle Coding Standard for Java
2 Rules
Rule 13. Input Output (FIO)
FIO00-J. Do not operate on files in shared directories
Page Information
Title:
FIO00-J. Do not operate on files in shared directories
Author:
David Svoboda
Apr 27, 2011
Last Changed by:
David Svoboda
Mar 11, 2020
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/oTZGBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Oracle Coding Standard for Java (6)
Page:
MSC03-J. Never hard code sensitive information
Page:
FIO51-J. Identify files using multiple file attributes
Page:
FIO01-J. Create files with appropriate access permissions
Page:
FIO16-J. Canonicalize path names before validating them
Page:
SEC01-J. Do not allow tainted variables in privileged blocks
Page:
FIO03-J. Remove temporary files before termination
SEI CERT Perl Coding Standard (1)
Page:
FIO01-PL. Do not operate on files that can be modified by untrusted users
Hierarchy
Parent Page
Page:
Rule 13. Input Output (FIO)
Labels
Global Labels (6)
fio
android
dos-enable
java7
rule
android-implementation-detail-java
Recent Changes
Time
Editor
Mar 11, 2020 09:09
David Svoboda
View Changes
Feb 02, 2016 14:46
Sandy Shrum
View Changes
Jun 24, 2015 15:30
Carol J. Lallier
View Changes
Jun 24, 2015 13:08
Carol J. Lallier
View Changes
Jun 24, 2015 12:40
Carol J. Lallier
View Page History
Outgoing Links
External Links (11)
secunia.com/advisories/20132/
https://docs.oracle.com/javase/8/docs/api/java/nio/channels…
https://www.securecoding.cert.org/confluence/pages/viewpage…
https://bugs.openjdk.java.net/browse/JDK-4631820
https://www.securecoding.cert.org/confluence/display/java/F…
cwe.mitre.org/
https://bugs.openjdk.java.net/browse/JDK-4405521
https://docs.oracle.com/javase/tutorial/essential/io/fileio…
www.opengroup.org/onlinepubs/009695399/functions/open.html
https://bugs.openjdk.java.net/browse/JDK-4171239
cwe.mitre.org/data/definitions/67.html
SEI CERT Oracle Coding Standard for Java (6)
Home page:
SEI CERT Oracle Coding Standard for Java
Page:
Rule AA. References
Page:
FIO16-J. Canonicalize path names before validating them
Page:
Rule 13. Input Output (FIO)
Page:
FIO01-J. Create files with appropriate access permissions
Page:
Rule BB. Glossary
SEI CERT C Coding Standard (2)
Page:
FIO32-C. Do not perform operations on devices that are only appropriate for files
Home page:
SEI CERT C Coding Standard
Overview
Content Tools
{"serverDuration": 89, "requestCorrelationId": "ec9b391e07e37094"}
