Critiq Docs
Get started
security.filesystem

Avoid permissive file modes

Files that can carry user or security data should not be created with world-accessible modes.

#Metadata

Rule ID
ts.security.permissive-file-permissions
Severity
high
Confidence
0.95
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
filesystem, permissions, rules-catalog, security

#Why it matters

Broad file permissions expose application data to local users or processes that should not read or modify it.

#Remediation

Use the minimum required file mode and remove world-readable or world-writable bits.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.permissive-file-permissions.rule.yaml.

Back to registryOpen rule in repository