Fix gosec vulnerabilities: file and directory permissions (#142)

- Fix G301: Poor file permissions used when creating a directory. - Fix G306: Poor file permissions used when writing to a new file. See https://github.com/securego/gosec#available-rules
matryer · Dec 13, 2020 · b052143 · b052143
1 parent 0d9680f
commit b052143
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/main.go b/main.go
@@ -90,10 +90,10 @@ func run(flags userFlags) error {
 	}
 
 	// create the file
-	err = os.MkdirAll(filepath.Dir(flags.outFile), 0755)
+	err = os.MkdirAll(filepath.Dir(flags.outFile), 0750)
 	if err != nil {
 		return err
 	}
 
-	return ioutil.WriteFile(flags.outFile, buf.Bytes(), 0644)
+	return ioutil.WriteFile(flags.outFile, buf.Bytes(), 0600)
 }
diff --git a/pkg/moq/moq_modules_test.go b/pkg/moq/moq_modules_test.go
@@ -15,7 +15,7 @@ import (
 // copy copies srcPath to destPath, dirs and files
 func copy(srcPath, destPath string, item os.FileInfo) error {
 	if item.IsDir() {
-		if err := os.MkdirAll(destPath, os.FileMode(0755)); err != nil {
+		if err := os.MkdirAll(destPath, os.FileMode(0750)); err != nil {
 			return err
 		}
 		items, err := ioutil.ReadDir(srcPath)

diff --git a/pkg/moq/moq_test.go b/pkg/moq/moq_test.go
@@ -385,10 +385,10 @@ func matchGoldenFile(goldenFile string, actual []byte) error {
 	// To update golden files, run the following:
 	// go test -v -run '^<Test-Name>$' github.com/matryer/moq/pkg/moq -update
 	if *update {
-		if err := os.MkdirAll(filepath.Dir(goldenFile), 0755); err != nil {
+		if err := os.MkdirAll(filepath.Dir(goldenFile), 0750); err != nil {
 			return fmt.Errorf("create dir: %s", err)
 		}
-		if err := ioutil.WriteFile(goldenFile, actual, 0644); err != nil {
+		if err := ioutil.WriteFile(goldenFile, actual, 0600); err != nil {
 			return fmt.Errorf("write: %s", err)
 		}