Avoid Android world-readable or world-writable IO modes | Critiq Docs

#Metadata

Rule ID: java.security.android-world-readable-mode
Severity: high
Confidence: 0.95
Languages: java
Presets: recommended, security, strict
Stability: stable
Applies to: block
Tags: android, privacy, rules-catalog, security, storage

#Why it matters

Legacy Android modes expose application data to other packages on the device and break sandbox expectations for secrets.

#Remediation

Use MODE_PRIVATE or scoped storage APIs instead of world-readable or world-writable modes.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/java/java.security.android-world-readable-mode.rule.yaml.

Back to directory Open rule in repository