You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 4, 2022. It is now read-only.
The module functions offer no way to specify mode for implicitly created directories so they always create directories world writable. If a user wants to ensure secure directories they have to avoid these methods. Accepting a directory mode would make it possible to use them securely.
World writable resources such as config files can allow other users to control program behavior. In some cases there's code injection through the config file, which can lead to privilege elevation. World writable directories have the same weakness since they allow adding files within them. A world writable config directory /etc/froznator/conf.d offers a route to controlling program behavior through a new config file. On Linux the umask should usually prevent this but it's not guaranteed. Secure coding standards recommend always specifying a restricted mode so files and directories are secure in any environment. MITRE calls this CWE-732, one of the top 25 most dangerous vulnerabilities.
These lines always create directories without specifying mode. If you used move-file to eg install default config files, you could end up with a world writable config directory.
What / Why
The module functions offer no way to specify mode for implicitly created directories so they always create directories world writable. If a user wants to ensure secure directories they have to avoid these methods. Accepting a directory mode would make it possible to use them securely.
World writable resources such as config files can allow other users to control program behavior. In some cases there's code injection through the config file, which can lead to privilege elevation. World writable directories have the same weakness since they allow adding files within them. A world writable config directory
/etc/froznator/conf.d
offers a route to controlling program behavior through a new config file. On Linux the umask should usually prevent this but it's not guaranteed. Secure coding standards recommend always specifying a restricted mode so files and directories are secure in any environment. MITRE calls this CWE-732, one of the top 25 most dangerous vulnerabilities.These lines always create directories without specifying mode. If you used
move-file
to eg install default config files, you could end up with a world writable config directory.move-file/index.js
Line 71 in ab492ef
move-file/index.js
Line 122 in ab492ef
This came out of research with CodeQL.
When
Where
How
Current Behavior
Directories always created world writable.
Steps to Reproduce
move-file
to create parent directories with umask set to 000.Expected Behavior
Implicitly created directories can be secured.
Who
References
The text was updated successfully, but these errors were encountered: