Skip to content

Commit bb580dd

Browse files
JLLeitschuhfelicitymay
JLLeitschuh
and
felicitymay
authored
Apply suggestions from code review
Co-authored-by: Felicity Chapman <[email protected]>
1 parent 7dee22a commit bb580dd

File tree

2 files changed

+2
-1
lines changed

2 files changed

+2
-1
lines changed

java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.qhelp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ can occur.</p>
2222
<li><a href="https://docs.oracle.com/javase/8/docs/api/java/nio/file/Files.html#createTempDirectory-java.nio.file.Path-java.lang.String-java.nio.file.attribute.FileAttribute...-">java.nio.file.Files.createTempDirectory</a></li>
2323
<li><a href="https://docs.oracle.com/javase/8/docs/api/java/nio/file/Files.html#createTempFile-java.nio.file.Path-java.lang.String-java.lang.String-java.nio.file.attribute.FileAttribute...-">java.nio.file.Files.createTempFile</a></li>
2424
</ul>
25+
2526
<p>Otherwise, create the file/directory by manually specifying the expected posix file permissions.
2627
For example: <code>PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE))</code></p>
2728
<ul>

java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/**
2-
* @name Temporary Directory Local information disclosure
2+
* @name Local information disclosure in a temporary directory
33
* @description Writing information without explicit permissions to a shared temporary directory may disclose it to other users.
44
* @kind path-problem
55
* @problem.severity warning

0 commit comments

Comments
 (0)