rspec/rules/S5443/java/rule.adoc

include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

----
new File("/tmp/myfile.txt"); // Sensitive
Paths.get("/tmp/myfile.txt"); // Sensitive

java.io.File.createTempFile("prefix", "suffix"); // Sensitive, will be in the default temporary-file directory.
java.nio.file.Files.createTempDirectory("prefix"); // Sensitive, will be in the default temporary-file directory.
----

----
Map<String, String> env = System.getenv();
env.get("TMP"); // Sensitive
----

== Compliant Solution

----
new File("/myDirectory/myfile.txt");

File.createTempFile("prefix", "suffix", new File("/mySecureDirectory"));

FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("w+"));
Files.createTempFile("prefix", "suffix", attr); // Compliant, created with explicit attributes.
----

include::../see.adoc[]
Nightly update 2021-01-26 04:07:35 +00:00			`include::../description.adoc[]`

			`include::../ask-yourself.adoc[]`

			`include::../recommended.adoc[]`

			`== Sensitive Code Example`

			`----`
			`new File("/tmp/myfile.txt"); // Sensitive`
			`Paths.get("/tmp/myfile.txt"); // Sensitive`

			`java.io.File.createTempFile("prefix", "suffix"); // Sensitive, will be in the default temporary-file directory.`
			`java.nio.file.Files.createTempDirectory("prefix"); // Sensitive, will be in the default temporary-file directory.`
			`----`

			`----`
			`Map<String, String> env = System.getenv();`
			`env.get("TMP"); // Sensitive`
			`----`

			`== Compliant Solution`

			`----`
			`new File("/myDirectory/myfile.txt");`

			`File.createTempFile("prefix", "suffix", new File("/mySecureDirectory"));`

			`FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("w+"));`
			`Files.createTempFile("prefix", "suffix", attr); // Compliant, created with explicit attributes.`
			`----`

			`include::../see.adoc[]`