From b052143b5aa66e4da5b72ec250818f557aff2177 Mon Sep 17 00:00:00 2001 From: Isaev Ivan Date: Sun, 13 Dec 2020 06:51:03 +0300 Subject: [PATCH] Fix gosec vulnerabilities: file and directory permissions (#142) - Fix G301: Poor file permissions used when creating a directory. - Fix G306: Poor file permissions used when writing to a new file. See https://github.com/securego/gosec#available-rules --- main.go | 4 ++-- pkg/moq/moq_modules_test.go | 2 +- pkg/moq/moq_test.go | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/main.go b/main.go index 6f6b35a..d33d81f 100644 --- a/main.go +++ b/main.go @@ -90,10 +90,10 @@ func run(flags userFlags) error { } // create the file - err = os.MkdirAll(filepath.Dir(flags.outFile), 0755) + err = os.MkdirAll(filepath.Dir(flags.outFile), 0750) if err != nil { return err } - return ioutil.WriteFile(flags.outFile, buf.Bytes(), 0644) + return ioutil.WriteFile(flags.outFile, buf.Bytes(), 0600) } diff --git a/pkg/moq/moq_modules_test.go b/pkg/moq/moq_modules_test.go index 3e1e0be..50ebcd4 100644 --- a/pkg/moq/moq_modules_test.go +++ b/pkg/moq/moq_modules_test.go @@ -15,7 +15,7 @@ import ( // copy copies srcPath to destPath, dirs and files func copy(srcPath, destPath string, item os.FileInfo) error { if item.IsDir() { - if err := os.MkdirAll(destPath, os.FileMode(0755)); err != nil { + if err := os.MkdirAll(destPath, os.FileMode(0750)); err != nil { return err } items, err := ioutil.ReadDir(srcPath) diff --git a/pkg/moq/moq_test.go b/pkg/moq/moq_test.go index b3211e1..f052ab8 100644 --- a/pkg/moq/moq_test.go +++ b/pkg/moq/moq_test.go @@ -385,10 +385,10 @@ func matchGoldenFile(goldenFile string, actual []byte) error { // To update golden files, run the following: // go test -v -run '^$' github.com/matryer/moq/pkg/moq -update if *update { - if err := os.MkdirAll(filepath.Dir(goldenFile), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(goldenFile), 0750); err != nil { return fmt.Errorf("create dir: %s", err) } - if err := ioutil.WriteFile(goldenFile, actual, 0644); err != nil { + if err := ioutil.WriteFile(goldenFile, actual, 0600); err != nil { return fmt.Errorf("write: %s", err) }