security fix - don't allow leap_cli created files to be world/group readable.

author: elijah <elijah@riseup.net> 2013-07-29 20:38:58 -0700
committer: elijah <elijah@riseup.net> 2013-07-29 20:38:58 -0700
commit: e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4 (patch)
tree: 92901eec53f76e7bc617e47001977cb1b0b614fe /lib/leap_cli/util.rb
parent: 0f92af724ebab6416fc641b57f0a6d43614c25da (diff)
download: leap_cli-e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4.tar.gz
leap_cli-e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4.tar.bz2
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/leap_cli/util.rb b/lib/leap_cli/util.rb
index e52c8a1..86a9a14 100644
--- a/lib/leap_cli/util.rb
+++ b/lib/leap_cli/util.rb
@@ -162,7 +162,7 @@ module LeapCli
       dir = Path.named_path(dir)
       unless File.directory?(dir)
         assert_files_missing!(dir, :msg => "Cannot create directory #{dir}")
-        FileUtils.mkdir_p(dir)
+        FileUtils.mkdir_p(dir, :mode => 0700)
         unless dir =~ /\/$/
           dir = dir + '/'
         end
@@ -219,7 +219,7 @@ module LeapCli
           write_file!(filepath, content)
         end
       else
-        File.open(filepath, File::RDWR|File::CREAT, 0644) do |f|
+        File.open(filepath, File::RDWR|File::CREAT, 0600) do |f|
           f.flock(File::LOCK_EX)
           old_content = f.read
           new_content = yield(old_content)
@@ -286,7 +286,7 @@ module LeapCli
         end
       end
 
-      File.open(filepath, 'w') do |f|
+      File.open(filepath, 'w', 0600) do |f|
         f.write contents
       end
author	elijah <elijah@riseup.net>	2013-07-29 20:38:58 -0700
committer	elijah <elijah@riseup.net>	2013-07-29 20:38:58 -0700
commit	e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4 (patch)
tree	92901eec53f76e7bc617e47001977cb1b0b614fe /lib/leap_cli/util.rb
parent	0f92af724ebab6416fc641b57f0a6d43614c25da (diff)
download	leap_cli-e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4.tar.gz leap_cli-e00e5d2b501a0d2727ea84fb1ea3e597e1e37ee4.tar.bz2