Objective-C : Insufficient data protection
Classification
Overview
The application uses insufficiently secure settings to protect the data or file. If the data (file) are confidential it is recommended to use the appropriate level of protection.
NSFileProtectoinKey attribute identifies the protection level for this file.
Possible values of NSFileProtectoinKey:
NSFileProtectionNone - The file has no special protections associated with it. It can be read from or written to at any time. This is the default value.
NSFileProtectionCompleteUntilFirstUserAuthentication - After the user unlocks the device for the first time, your app can access the file and continue to access it even if the user subsequently locks the device.
NSFileProtectionCompleteUnlessOpen - Files can be created while the device is locked, but once closed, cannot be opened again until the device is unlocked. If the file is opened when unlocked, you may continue to access the file normally, even if the user locks the device.
NSProtectionComplete - The file cannot be read from or written to while the device is locked or booting.
NSDataWritingOptions options may have the following values:
NSDataWritingFileProtectionNone - The file is not stored in an encrypted format and may be accessed at boot time and while the device is unlocked.
NSDataWritingFileProtectionComplete - The file is stored in an encrypted format and may be read from or written to only while the device is unlocked. At all other times, attempts to read and write the file result in failure.
NSDataWritingFileProtectionCompleteUnlessOpen - the file cannot be opened for reading or writing when the device is locked, although new files can be created with this class. If one of these files is open when the device is locked, reading and writing are still allowed.
NSDataWritingFileProtectionCompleteUntilFirstUserAuthentication - the file can be read or written to while the device is locked, but while it is booting up, they have protection equivalent to NSDataWritingFileProtectionComplete.
The application uses NSDataWritingFileProtectionNone, NSFileProtectionNone or NSDataWritingFileProtectionCompleteUnlessOpen, NSFileProtectionCompleteUntilFirstUserAuthentication value. Make sure the file with these settings does not contain confidential information.
