Error: Filesystem permission check
What is this error?
Since the 2026 artifacts, FiveM ships a new filesystem-level security check. When a script attempts to read or write a file outside its allowed scope, the server logs a warning like:
[ c-scripting-node] Filesystem write permission check from 'resource_name' for permission fs.write on resource '/home/container/resources/...' - write not allowed
[ c-scripting-node] Filesystem permission check from 'resource_name' for permission fs.read on resource 'server.cfg' - no device found
This is not a critical error that crashes the server, but it is an important warning that should not be ignored.
Why do these checks exist?
The 2026 artifacts introduced a permissions sandbox on file access. Each resource is normally only allowed to access its own files or explicitly authorized paths. This mechanism was added to:
- Block backdoors hidden in scripts that read or modify sensitive files (
server.cfg, other resources' scripts, etc.) - Prevent misconfigured scripts from altering critical server files
- Improve traceability of filesystem access
The presence of these messages in your logs is not normal. It indicates that a script is trying to access files it should not be touching.
Possible causes
1. Backdoor or malicious script
This is the most concerning cause. Some scripts downloaded from unofficial sources contain malicious code that attempts to:
- Read
server.cfgto steal your license keys, tokens, or database passwords - Write into third-party resources to inject code
- Access files belonging to other resources
2. Poorly designed script function
Some legitimate scripts use file access functions incorrectly or too broadly (e.g. a script that tries to read an absolute path instead of a path relative to its own resource).
3. Outdated resource not yet updated
Older resources, designed before the introduction of the 2026 sandbox, may use file access patterns that are no longer permitted.
How to diagnose
Identify the resource involved — The resource name is shown in quotes in the log message:
Filesystem permission check from 'resource_name' ...
^^^^^^^^^^^^^
Look for suspicious file access in the resource code: functions like LoadResourceFile, SaveResourceFile, io.open, or native system calls.
Verify the source of the resource: was it downloaded from an official GitHub, the CFX Forum, or an unknown source?
Use a diff tool to compare the downloaded resource against the official version to detect any added code.
What to do?
Step 1 — Update the resource
Most false positives come from resources that haven't been updated. Visit the official page of the resource and install the latest version compatible with the 2026 artifacts.
Step 2 — Check for a backdoor
Open the .lua or .js files of the affected resource and look for:
- Calls to
os.execute,io.open,LoadResourceFileon paths outside the resource - Obfuscated code (long base64-encoded strings, calls to
load()orpcall()with dynamic code) - HTTP requests to unknown external URLs
If you find suspicious code, immediately delete the resource and change all your server passwords / tokens.
Step 3 — Replace with a trusted source
If the resource is compromised or too outdated to update, replace it with an alternative from an official source:
- CFX Forum
- The developer's official GitHub
Step 4 — Restart and monitor logs
After fixing the issue, restart your server and verify that the messages are gone.
Log example and interpretation
[ c-scripting-node] Filesystem write permission check from 'oxmysql' for permission fs.write
on resource '/home/container/resources/[gameplay]/[Mapping]/247Supermarket/constants/staging.js'
- write not allowed
| Element | Meaning |
|---|---|
oxmysql | The resource attempting access |
fs.write | Write attempt |
/247Supermarket/constants/staging.js | Target file (another resource) |
write not allowed | Access blocked by the sandbox |
In this example, oxmysql is attempting to write into another resource's files — which is abnormal and warrants investigation.
Summary
| Situation | Recommended action |
|---|---|
| Message appeared after an artifact update | Update the affected resources |
| Message on a resource downloaded from an unknown source | Delete it, audit it, rotate all credentials |
| Persistent message on an official resource | Report to the developer, look for an alternative |
| Obfuscated code detected | Delete immediately + rotate all tokens |
If in doubt, the YorkHost support team is available to help you analyze your logs. Open a ticket on our Discord.