Create config file with 0600 permissions

It contains secrets and should not be readable by others. fixes #109
ihabunek · Aug 27, 2019 · 73ba70e · 73ba70e
1 parent d21cad8
commit 73ba70e
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/toot/config.py b/toot/config.py
@@ -52,7 +52,9 @@ def make_config(path):
     # Ensure dir exists
     os.makedirs(dirname(path), exist_ok=True)
 
-    with open(path, 'w') as f:
+    # Create file with 600 permissions since it contains secrets
+    fd = os.open(path, os.O_CREAT | os.O_WRONLY, 0o600)
+    with os.fdopen(fd, 'w') as f:
         json.dump(config, f, indent=True)