From d6e9fb1df0fd67d08065c2277e7c4f4a82b7930f Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Mon, 11 Jan 2021 19:16:14 -0800 Subject: [PATCH] all: adjust Unix permissions for those without umasks Fixes tailscale/corp#1165 Signed-off-by: Brad Fitzpatrick --- cmd/cloner/cloner.go | 2 +- cmd/derper/derper.go | 2 +- ipn/prefs.go | 2 +- logtail/filch/filch.go | 4 ++-- safesocket/unixsocket.go | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cmd/cloner/cloner.go b/cmd/cloner/cloner.go index 73c9d2412..c5be5279e 100644 --- a/cmd/cloner/cloner.go +++ b/cmd/cloner/cloner.go @@ -140,7 +140,7 @@ func main() { flag.Usage() os.Exit(2) } - if err := ioutil.WriteFile(output, out, 0666); err != nil { + if err := ioutil.WriteFile(output, out, 0644); err != nil { log.Fatal(err) } } diff --git a/cmd/derper/derper.go b/cmd/derper/derper.go index 43c0e84da..fbef25d01 100644 --- a/cmd/derper/derper.go +++ b/cmd/derper/derper.go @@ -97,7 +97,7 @@ func writeNewConfig() config { if err != nil { log.Fatal(err) } - if err := atomicfile.WriteFile(*configPath, b, 0666); err != nil { + if err := atomicfile.WriteFile(*configPath, b, 0600); err != nil { log.Fatal(err) } return cfg diff --git a/ipn/prefs.go b/ipn/prefs.go index 970d08a9a..f8256454b 100644 --- a/ipn/prefs.go +++ b/ipn/prefs.go @@ -296,7 +296,7 @@ func SavePrefs(filename string, p *Prefs) { log.Printf("Saving prefs %v %v\n", filename, p.Pretty()) data := p.ToBytes() os.MkdirAll(filepath.Dir(filename), 0700) - if err := atomicfile.WriteFile(filename, data, 0666); err != nil { + if err := atomicfile.WriteFile(filename, data, 0600); err != nil { log.Printf("SavePrefs: %v\n", err) } } diff --git a/logtail/filch/filch.go b/logtail/filch/filch.go index 86bc45f00..07d9b6203 100644 --- a/logtail/filch/filch.go +++ b/logtail/filch/filch.go @@ -131,11 +131,11 @@ func New(filePrefix string, opts Options) (f *Filch, err error) { path1 := filePrefix + ".log1.txt" path2 := filePrefix + ".log2.txt" - f1, err = os.OpenFile(path1, os.O_CREATE|os.O_RDWR, 0666) + f1, err = os.OpenFile(path1, os.O_CREATE|os.O_RDWR, 0600) if err != nil { return nil, err } - f2, err = os.OpenFile(path2, os.O_CREATE|os.O_RDWR, 0666) + f2, err = os.OpenFile(path2, os.O_CREATE|os.O_RDWR, 0600) if err != nil { return nil, err } diff --git a/safesocket/unixsocket.go b/safesocket/unixsocket.go index b2e2c3399..ad96ac7be 100644 --- a/safesocket/unixsocket.go +++ b/safesocket/unixsocket.go @@ -64,7 +64,7 @@ func listen(path string, port uint16) (ln net.Listener, _ uint16, err error) { if err != nil { return nil, 0, err } - os.Chmod(path, 0666) + os.Chmod(path, 0600) return pipe, 0, err }