Filesystem related permissions specified are too broad CS-S1000

It is always recommended that you grant only the minimum required permissions to the necessary user accounts rather than providing complete control to everyone. Giving full control may lead to unintended access that may put your organization and any potentially sensitive information at risk. Consider limiting the scope of the permissions.

Bad Practice

new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow)

Recommended

new FileSystemAccessRule(userAccount, FileSystemRights.Read, AccessControlType.Allow)

Reference

• FileSystemAccessRule
• A01:2021: Broken Access Control
• A04:2021: Insecure Design
• CWE-266: Incorrect Privilege Assignment
• CWE-276: Incorrect Default Permissions
• CWE-732: Incorrect Permission Assignment for Critical Resource