
iac/dockerfile/dockerfile-chmod-777

World-writable files created

low | Dockerfile | iac-dockerfile

What it detects

chmod 777 grants read, write and execute permission to any user in the container. It is usually a symptom of misunderstanding Unix permissions rather than a real requirement.

Remediation

Use 755 for directories and executables, 644 for regular files, and prefer setting the correct owner via --chown.
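
The remediation applied to a small image, as an added example that is not taken from the rule's own tests. The base image, the `app` user and its UID, and every path are assumptions chosen for illustration.

```dockerfile
# Constructed example: image, user, UID and paths are illustrative assumptions.
FROM debian:bookworm-slim

# Before (flagged by this rule): every user in the container can rewrite the app.
#   COPY app/ /opt/app/
#   COPY data/ /var/lib/app/
#   RUN chmod -R 777 /opt/app /var/lib/app

# After: a dedicated non-root account runs the service.
RUN groupadd --system --gid 10001 app \
 && useradd --system --uid 10001 --gid app \
            --no-create-home --shell /usr/sbin/nologin app

# Application code stays owned by root (the COPY default), so the runtime
# user can read and execute it but cannot modify it.
COPY app/ /opt/app/
RUN find /opt/app -type d -exec chmod 755 {} + \
 && find /opt/app -type f -exec chmod 644 {} + \
 && chmod 755 /opt/app/bin/server

# The one directory the process writes to gets the right owner at copy time,
# which is what chmod 777 is usually standing in for.
COPY --chown=app:app data/ /var/lib/app/
RUN find /var/lib/app -type d -exec chmod 755 {} + \
 && find /var/lib/app -type f -exec chmod 644 {} +

USER app
ENTRYPOINT ["/opt/app/bin/server"]
```

COPY keeps the modes the files have in the build context, so the explicit chmod steps normalise them rather than trusting whatever the checkout produced.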

How it runs

Runs against Dockerfiles detected by path or basename. The checks are line-based and come with remediation guidance.

Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.