# Permissive file assignment

## Overview

* **Rule ID**: `javascript_lang_file_permissions`
* **Applicable Languages**: JavaScript
* **Weakness ID**: CWE-732

## Description

Permissive file assignment exposes sensitive information by granting excessive read, write, or execute permissions to users who do not have ownership privileges. This can lead to unauthorized access and manipulation of files, increasing the risk of data breaches and security vulnerabilities.

## Remediation Guidelines

* **Do** keep file permissions as restrictive as possible to minimize the risk of unauthorized access. Use the principle of least privilege to grant only the permissions necessary for the operation of the application.

  ```javascript
  const fs = require('fs');
  fs.chmodSync(path, 0o600); // owner read/write only; the async fs.chmod requires a callback
  ```
* **Do** prefer assigning file permissions to 'groups' rather than 'other' when you need to extend privileges to users who are not the owners. This approach helps limit access to a more controlled set of users.
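The two guidelines above as an added example (not part of the rule's own documentation): a mode audit that flags `other` and group-write bits, a helper that creates a file with `0o600` from the start instead of tightening it afterwards, and a group-only share using `0o640`. The function names, the temporary file, and the sample modes are assumptions made for illustration, and a POSIX filesystem is assumed.

```javascript
// Added example, not part of the rule documentation. Assumes a POSIX filesystem.
const fs = require('fs');
const os = require('os');
const path = require('path');

const OTHER_ANY = 0o007;   // any read/write/execute bit for "other"
const GROUP_WRITE = 0o020; // write bit for "group"

// Report which permission classes in `mode` are broader than least privilege.
function auditMode(mode) {
  const perms = mode & 0o777;
  const findings = [];
  if (perms & OTHER_ANY) findings.push('other');
  if (perms & GROUP_WRITE) findings.push('group-write');
  return findings;
}

// Create a file that is private from the first byte written.
// Passing the mode to open() avoids the window that exists when a file is
// created with default permissions and only chmod'ed afterwards.
function writePrivateFile(file, data, mode = 0o600) {
  const fd = fs.openSync(file, 'wx', mode); // 'wx': fail if the file already exists
  try {
    fs.fchmodSync(fd, mode); // set the exact mode; open() alone is subject to umask
    fs.writeSync(fd, data);
  } finally {
    fs.closeSync(fd);
  }
  return fs.statSync(file).mode & 0o777;
}

// Extend read access to the owning group only, leaving "other" with nothing.
function shareWithGroup(file) {
  fs.chmodSync(file, 0o640);
  return fs.statSync(file).mode & 0o777;
}

// Constructed demo: the temp directory and file name are sample values.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'perm-demo-'));
  const file = path.join(dir, 'secret.txt');
  const created = writePrivateFile(file, 'constructed sample secret\n');
  const shared = shareWithGroup(file);
  fs.rmSync(dir, { recursive: true, force: true });
  return { created, shared, permissive: auditMode(0o666), restricted: auditMode(shared) };
}

console.log(demo());
```
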

## References

* [**CWE-732: Incorrect Permission Assignment for Critical Resource**](https://cwe.mitre.org/data/definitions/732.html)

## Configuration

To omit this rule during a scan, and for continuous 24/7 code-level scanning, use our [**SAST TOOL**](https://scopy.sec1.io/login).

