Checker FileAccess

belongs to group Basic
Identify unsafe file access

Frameworks supported by this checker

  • android up to API level 28

Warnings generated by this checker

  • FileAccessWithModeWorldWarning: a dangerous mode likely to cause security issues [ CWE732 ]
  • FileWithWorldAccessibilityWarning: the file is world-readable-writable [ CWE732 ]

Options accepted by this checker

  • none

Annotations understood by this checker

  • @com.juliasoft.julia.checkers.fileAccess.ChangeAccessPermission
  • @com.juliasoft.julia.checkers.fileAccess.ShouldBeOwnerOnly
  • @com.juliasoft.julia.checkers.fileAccess.ShouldNotModeWorld


Description

The FileAccess checker is dedicated to the analysis of Android applications. The FileAccess checker is able to produce a warning when unsafe file access permissions are set.


Examples

Consider the following program:

package example.fileaccessexample;

import android.content.Context;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;

public class MainActivity extends AppCompatActivity {

    private static final String TAG = "MainActivity";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        try {

            FileOutputStream fileOutputStream1 = openFileOutput("foo.txt", Context.MODE_WORLD_READABLE);
            FileOutputStream fileOutputStream2 = openFileOutput("foo.txt", Context.MODE_WORLD_WRITEABLE);

        } catch (FileNotFoundException | SecurityException e) {
            e.printStackTrace();
        }

        extendAccessPermission(new File("myfile.txt"));

    }

    public  void extendAccessPermission(File f) {

            
            if ( !f.setReadable( true , false )) {
                Log.e(TAG,"Unable to set readable permission");
            }
            

            if ( !f.setWritable( true , false )) {
                Log.e(TAG,"Unable to set writable permission");
            }

    }
}

MainActivity.java:22: [FileAccess: FileAccessWithModeWorldWarning] The MODE_WORLD are dangerous modes and strongly discouraged
MainActivity.java:23: [FileAccess: FileAccessWithModeWorldWarning] The MODE_WORLD are dangerous modes and strongly discouraged
MainActivity.java:36: [FileAccess: FileWithWorldAccessibilityWarning] The file is world-readable/writable and likely to cause security issues in applications
MainActivity.java:40: [FileAccess: FileWithWorldAccessibilityWarning] The file is world-readable/writable and likely to cause security issues in applications

The Android's security design philosophy recommends to use the files only for the purpose of perpetuating or temporarily storing information. In principle the file access permissions should be private, in order to limit the risk of information leakage. The above code contains noncompliant examples of file access permissions. At lines 36 and 40, the methods enable the readable/writable authorizations by setting the first parameter to true but make the file readable/writable to any application by setting the second parameter to false. An other way to set an unsafe file access permissions is to use the following constants: android.content.Context.MODE_WORLD_READABLE and android.content.Context.MODE_WORLD_WRITABLE. They are dangerous modes and strongly discouraged to set a file access, instead potentially they would allow access to the file by untrusted applications. These constants have been deprecated since Android 4.2 (android API 17) and starting from Android 7.0 (android API 24) their use will result in a java.lang.SecurityException to be thrown. An examples of FileAccessWithModeWorldWarning triggeration are shown at lines 22 and 23. In the example the android.content.Context.MODE_PRIVATE mode could be used to fix the issues because with this mode the file can only be accessed by the calling application (or all applications sharing the same user ID). For a correct file sharing could be useful consult the share files guides.