TOCTOU: File creation followed by setting permissions #17154

@estebank

What it does

Detect when a file is being created and then the same file path is used to set file permissions. This is a classic source of Time Of Check, Time Of Use bugs.

Advantage

The recommended code creates the file and sets its attributes in a single syscall, avoiding TOCTOU bugs.

Drawbacks

No response

Example

    // Create with default permissions
    fs::create_dir(&path)?;
    // Fix up permissions
    fs::set_permissions(&path, Permissions::from_mode(0o700))?;

Could be written using OpenOptions::mode() and DirBuilderExt::mode().

Comparison with existing lints

No response

Additional Context

This is one of the bugs found in uutils during Canonical's audit: https://corrode.dev/blog/bugs-rust-wont-catch/#set-permissions-at-creation-time-not-after
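
The single-call form suggested in the issue, as an added example that is not part of the original issue or of clippy (Unix only; the helper names `create_private_dir`, `create_private_file` and `mode_bits` and the temp path are made up for illustration). The requested mode is still filtered by the process umask, and it applies only when the call actually creates the entry, which is why the file helper uses `create_new(true)`.

```rust
use std::fs::{DirBuilder, File, OpenOptions};
use std::io;
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt, PermissionsExt};
use std::path::Path;

/// Create a directory that is 0o700 from the moment it exists (a single mkdir call).
/// A non-recursive DirBuilder fails with AlreadyExists instead of adopting
/// a directory that someone else created at the same path.
fn create_private_dir(path: &Path) -> io::Result<()> {
    DirBuilder::new().mode(0o700).create(path)
}

/// Create a file that is 0o600 from the moment it exists (a single open call).
/// create_new(true) makes the call fail if the path already exists, because
/// the mode is ignored when an existing file is opened.
fn create_private_file(path: &Path) -> io::Result<File> {
    OpenOptions::new()
        .write(true)
        .create_new(true)
        .mode(0o600)
        .open(path)
}

/// Permission bits of `path`, used to check the result.
fn mode_bits(path: &Path) -> io::Result<u32> {
    Ok(std::fs::metadata(path)?.permissions().mode() & 0o777)
}

fn main() -> io::Result<()> {
    // Constructed demo path under the system temp directory.
    let base = std::env::temp_dir().join(format!("toctou-demo-{}", std::process::id()));
    create_private_dir(&base)?;
    let secret = base.join("secret.txt");
    create_private_file(&secret)?;
    println!("dir  {:o}", mode_bits(&base)?);
    println!("file {:o}", mode_bits(&secret)?);
    std::fs::remove_dir_all(&base)
}
```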

Labels: A-lint (Area: New lints)
