mobsf.mobsfscan.word_readable_writable.world_writeable

MobSF

Author

505

Download Count*

GPLv3

License

The file is World Readable and Writable. Any App can read/write to the file.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: world_writeable
    patterns:
      - pattern-either:
          - pattern: |
              Context.MODE_WORLD_WRITEABLE
    message: The file is World Readable and Writable. Any App can read/write to the
      file.
    languages:
      - java
    severity: WARNING
    metadata:
      cwe: cwe-276
      owasp-mobile: m2
      masvs: storage-2
      reference: https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2
      license: LGPL-3.0-or-later

Short Link: https://sg.run/z9yW