From 73ba70eb83b1323ccc48f050e6e2f9262413e2bf Mon Sep 17 00:00:00 2001
From: Ivan Habunek <ivan@habunek.com>
Date: Tue, 27 Aug 2019 13:20:22 +0200
Subject: [PATCH] Create config file with 0600 permissions

It contains secrets and should not be readable by others.

fixes #109
---
 toot/config.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/toot/config.py b/toot/config.py
index c8860a5..565293a 100644
--- a/toot/config.py
+++ b/toot/config.py
@@ -52,7 +52,9 @@ def make_config(path):
     # Ensure dir exists
     os.makedirs(dirname(path), exist_ok=True)
 
-    with open(path, 'w') as f:
+    # Create file with 600 permissions since it contains secrets
+    fd = os.open(path, os.O_CREAT | os.O_WRONLY, 0o600)
+    with os.fdopen(fd, 'w') as f:
         json.dump(config, f, indent=True)