Compliant solution does not work on windows

Rule: “Make sure publicly writable directories are used safely here.”
Languge: Java (15)
Environment: SonarCloud

The rules suggest the following solution:

FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("w+"));
Files.createTempFile("prefix", "suffix", attr); // Compliant, created with explicit attributes.

This solution does not work on java 11 and 15.


java.lang.IllegalArgumentException: Invalid mode

	at java.base/java.nio.file.attribute.PosixFilePermissions.fromString(

So I replaced w+ by rwx------.
That solves the problem on Linux.
On Windows using the PosixFilePermissions does, however still not work. (Which is reasonable since windows is not posix-compatible)


java.lang.UnsupportedOperationException: 'posix:permissions' not supported as initial attribute

	at java.base/sun.nio.fs.WindowsSecurityDescriptor.fromAttribute(
	at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(
	at java.base/java.nio.file.Files.newByteChannel(
	at java.base/java.nio.file.Files.createFile(
	at java.base/java.nio.file.TempFileHelper.create(
	at java.base/java.nio.file.TempFileHelper.createTempFile(
	at java.base/java.nio.file.Files.createTempFile(

In my opinion the suggested solution should platform independent.

My suggestion:

final File myFile = Files.createTempFile("prefix", "suffix").toFile();
myFile.setReadable(false); //deny for all
myFile.setReadable(true, true); //allow for owner
myFile.setWritable(true, true);
myFile.setWritable(true, true); //optional

In contrast to the current suggested solution, this solution uses the platform-independent Java API.

I would suggest changing the suggested solution and change the rule to also accept the above solution.


Hey all,

This would help us conform to Sonar Rules and build on Windows. Could you please have a look?

Hello @jakob.braun and @m.orazow

thanks for the advice on this rule and indeed what you are suggesting makes a lot of sense.

We created ticket SONARJAVA-3830 to handle this and the compliant solution of the rule description will be updated too.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.