Poor file permissions used when creating a directory GSC-G301
Security
Major
a05
cwe-276
owasp top 10
Excessive permissions granted when creating a directory. This warning is
triggered whenever permission greater than 0750 is given.
In general, all security rules follow the principle of least privilege, except when the created directory needs to be accessed by anyone other than the user creating it.
Bad practice
package main
import (
"fmt"
"os"
)
func main() {
err := os.Mkdir("/tmp/mydir", 0777)
if err != nil {
fmt.Println("Error when creating a directory!")
return
}
}
Recommended
package main
import (
"fmt"
"os"
)
func main() {
err := os.Mkdir("/tmp/mydir", 0600)
if err != nil {
fmt.Println("Error when creating a directory!")
return
}
}