Skip to content

Commit

Permalink
fix: use more appropriate cwe for file permission rules (#458)
Browse files Browse the repository at this point in the history
  • Loading branch information
didroe authored Jul 11, 2024
1 parent f4ac2b1 commit 4b1294d
Show file tree
Hide file tree
Showing 7 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion rules/go/gosec/file_permissions/file_perm.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ metadata:
- **Do** regularly review and audit file permissions in your system to ensure they adhere to the principle of least privilege, minimizing the access level to what is strictly necessary for operational functionality.
cwe_id:
- 276
- 732
id: go_gosec_file_permissions_file_perm
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_file_permissions_file_perm
severity: high
2 changes: 1 addition & 1 deletion rules/go/gosec/file_permissions/mkdir.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ metadata:
- **Do** regularly review and audit file permissions in your system to ensure they adhere to the principle of least privilege, minimizing the access level to what is strictly necessary for operational functionality.
cwe_id:
- 276
- 732
id: go_gosec_file_permissions_mkdir
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_file_permissions_mkdir
severity: high
2 changes: 1 addition & 1 deletion rules/go/gosec/filesystem/poor_write_permissions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ metadata:
- [Linux 'chmod' Command](https://linux.die.net/man/1/chmod)
- [OWASP File Handling Best Practices](https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html)
cwe_id:
- 276
- 732
id: go_gosec_filesystem_poor_write_permissions
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_filesystem_poor_write_permissions
severity: high
2 changes: 1 addition & 1 deletion rules/java/android/world_readable_writable_mode.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ metadata:
- [Android Context.MODE_PRIVATE reference](https://developer.android.com/reference/android/content/Context#MODE_PRIVATE)
- [Android Content Provider reference](https://developer.android.com/reference/android/content/ContentProvider)
cwe_id:
- 276
- 732
id: java_android_world_readable_writable_mode
documentation_url: https://docs.bearer.com/reference/rules/java_android_world_readable_writable_mode
severity: high
2 changes: 1 addition & 1 deletion rules/javascript/lang/file_permissions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,6 @@ metadata:
- **Do** prefer assigning file permissions to 'groups' rather than 'other' when you need to extend privileges to users who are not the owners. This approach helps in limiting access to a more controlled set of users.
cwe_id:
- 276
- 732
id: javascript_lang_file_permissions
documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_file_permissions
2 changes: 1 addition & 1 deletion rules/python/django/file_permissions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,6 @@ metadata:
FILE_UPLOAD_PERMISSIONS = 0o600
```
cwe_id:
- 276
- 732
id: python_django_file_permissions
documentation_url: https://docs.bearer.com/reference/rules/python_django_file_permissions
2 changes: 1 addition & 1 deletion rules/python/lang/file_permissions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,6 @@ metadata:
os.umask(0) # unsafe
```
cwe_id:
- 276
- 732
id: python_lang_file_permissions
documentation_url: https://docs.bearer.com/reference/rules/python_lang_file_permissions

0 comments on commit 4b1294d

Please sign in to comment.