Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Set initial config perms 0600, it holds secrets #120

Merged
merged 2 commits into from

3 participants

@bemurphy

Since the config file holds secret keys for oauth, I figured it was best written default the first time with 0600 perms.

@no6v
Collaborator

Thank you for noticing this. I agree with this patch even though I prefer using mode: "w", perm: 0600 style :).

I think this File instance could be closed immediately by giving (empty) block or close explicitly.
How do you feel? Is that GC job?

@bemurphy

Hmm, I wasn't aware File.open could be passed the perm in a hash. If so, that's probably more explicit.

As for closing it, I'd favor explicit .close over an empty block; it would confuse a reader less. I will drop both in an additional commit.

@no6v
Collaborator

Does "w" leave alone? or {mode: "w"} ? But that is not essential.
Now, everything is reasonable for me, thanks.
@jugyo, can I merge this?

@no6v
Collaborator

Sorry for my misreading. mode: is there exactly!

@jugyo jugyo merged commit 42f70ba into jugyo:master
@jugyo
Owner

It was merged.
I think 0600 is best.

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 1 addition and 1 deletion.
  1. +1 −1  lib/earthquake/core.rb
View
2  lib/earthquake/core.rb
@@ -85,7 +85,7 @@ def load_config
if File.exists?(config[:file])
load config[:file]
else
- File.open(config[:file], 'w')
+ File.open(config[:file], mode: 'w', perm: 0600).close
end
config.update(preferred_config) do |key, cur, new|
Something went wrong with that request. Please try again.