Getting Data In

Why is Splunk AppInspect failing with error "FAILURE: A world-writable file was found" when requesting app certification?


When I try to check an app with appinspector I get the following failure for each file:

FAILURE: A world-writable file was found. File: *< filename >*

This happens when running the command for "Review a Splunk app before requesting certification" which is described on the web page:

python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags splunk_appinspect

Modifying the default.meta file does not help. Here is the content of the default.meta file:

# Application-level permissions

access = read : [ * ], write : [ admin ]
export = system

I tested it with a .zip file, a .spl file and an uncompressed directory (like the app is stored below C:\Program Files\splunk\etc\apps). The error occurs every time.

The command for being compliant with the cloud requirements, does not throw any error and works fine.

python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags cloud

What can I do to get rid of this error?

Path Finder

I have been looking at how to resolve this within windows and came to the conclusion after many attempts messing around with the filesystem permissions, cygwin, etc that it was just far easier to install Virtualbox and a copy of Ubuntu (other Linix based OS are available). After setting this up and applying the suggested permissions, mine passed first-time!

I'd rather there was an easier way but its not too difficult to use as a workaround.

0 Karma


I use cygwin on WIndows 10 and have had no issues with file permissions inside the app...

Alerts for Splunk Admins
Version Control for Splunk
0 Karma

Path Finder

for whatever reason, I couldn't get it to work correctly for me... It was a shame because I would have much preferred to use that than to have to use virtualbox

0 Karma

Splunk Employee
Splunk Employee

The full message should be

Splunk recommends 644 for all files outside of bin/ and 755 for
all directories and files in the bin/ directory.
FAILURE: A world-writable file was found. File:
FAILURE: A world-writable file was found.

So you would need to update your file permissions accordingly (e.g., "chmod -R 644 myappdir"

0 Karma


I was having the same issues, I fixed this by running the chmods as root in WSL on my windows machine -


find APPNAME_HERE -type d -exec chmod 700 {} \;

find APPNAME_HERE -type f -exec chmod 644 {} \;

0 Karma


OK, now imagine you are living in a Windows world where 644 is but a number. Apparently the script was not tested on Windows?!?

Splunk Employee
Splunk Employee

@helge We target *nix systems for these standards because the overwhelming majority of installations for Splunk are on *nix and we are looking to follow best practices in that environment.

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.