Incorrect default permissions

• Rule ID: go_gosec_filesystem_tempfile
• Languages: go
• Source: tempfile.yml

Description

The application has been observed creating files in shared system temporary directories, such as /tmp or /var/tmp, without the use of secure functions like os.CreateTemp. This practice is insecure because it opens up the possibility of symlink attacks, where an attacker could anticipate the temporary file name and create a symlink to a target file, leading to unauthorized file creation or overwriting when the application writes to what it believes is a temporary file.

Remediations

To prevent symlink attacks and other vulnerabilities associated with the use of shared temporary directories:

✅ Use Secure Temporary File Creation

Implement os.CreateTemp to safely create temporary files within a directory that's restricted to the application. This reduces the risk of symlink attacks and ensures that temporary files are handled securely.

import (
    "os"
    "log"
)

func main() {
    // Ensure the application-restricted directory exists with appropriate permissions
    restrictedDir := "/opt/appdir/restricted"
    if err := os.MkdirAll(restrictedDir, 0700); err != nil {
        log.Fatalf("failed to create restricted directory: %s", err)
    }

    // Securely create a temporary file within the restricted directory
    f, err := os.CreateTemp(restrictedDir, "temp-*.txt")
    if err != nil {
        log.Fatalf("failed to create temporary file: %s", err)
    }
    defer f.Close() // Ensure the file is closed when no longer needed

    defer os.Remove(f.Name()) // Clean up the file upon exit
    // Continue working with the temporary file
}

✅ Avoid Shared Temporary Directories for Sensitive Operations

Do not use common temporary directories for storing sensitive information or for operations that require secure handling of files.

✅ Clean Up After Use

Always remove temporary files after their use to prevent accumulation and potential misuse.

Resources

• Go Documentation: os.CreateTemp
• Secure Coding Guidelines for File I/O
• OWASP Guide to File System Security

Associated CWE

• CWE-378: Creation of Temporary File With Insecure Permissions

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=go_gosec_filesystem_tempfile

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=go_gosec_filesystem_tempfile