From b040b750751cac7fd46893f4be3d2b30e741fb73 Mon Sep 17 00:00:00 2001
From: YaoZengzeng <yaozengzeng@zju.edu.cn>
Date: Wed, 12 Sep 2018 15:11:35 +0800
Subject: [PATCH] cmd/clef: fix incorrect file permissions for secrets.dat

Signed-off-by: YaoZengzeng <yaozengzeng@zju.edu.cn>
---
 cmd/clef/main.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cmd/clef/main.go b/cmd/clef/main.go
index 85704754d..f363a86f2 100644
--- a/cmd/clef/main.go
+++ b/cmd/clef/main.go
@@ -225,7 +225,7 @@ func initializeSecrets(c *cli.Context) error {
 	if _, err := os.Stat(location); err == nil {
 		return fmt.Errorf("file %v already exists, will not overwrite", location)
 	}
-	err = ioutil.WriteFile(location, masterSeed, 0700)
+	err = ioutil.WriteFile(location, masterSeed, 0400)
 	if err != nil {
 		return err
 	}
@@ -540,14 +540,14 @@ func readMasterKey(ctx *cli.Context) ([]byte, error) {
 
 // checkFile is a convenience function to check if a file
 // * exists
-// * is mode 0600
+// * is mode 0400
 func checkFile(filename string) error {
 	info, err := os.Stat(filename)
 	if err != nil {
 		return fmt.Errorf("failed stat on %s: %v", filename, err)
 	}
 	// Check the unix permission bits
-	if info.Mode().Perm()&077 != 0 {
+	if info.Mode().Perm()&0377 != 0 {
 		return fmt.Errorf("file (%v) has insecure file permissions (%v)", filename, info.Mode().String())
 	}
 	return nil
-- 
GitLab