diff --git a/cmd/clef/main.go b/cmd/clef/main.go index 85704754de..f363a86f2c 100644 --- a/cmd/clef/main.go +++ b/cmd/clef/main.go @@ -225,7 +225,7 @@ func initializeSecrets(c *cli.Context) error { if _, err := os.Stat(location); err == nil { return fmt.Errorf("file %v already exists, will not overwrite", location) } - err = ioutil.WriteFile(location, masterSeed, 0700) + err = ioutil.WriteFile(location, masterSeed, 0400) if err != nil { return err } @@ -540,14 +540,14 @@ func readMasterKey(ctx *cli.Context) ([]byte, error) { // checkFile is a convenience function to check if a file // * exists -// * is mode 0600 +// * is mode 0400 func checkFile(filename string) error { info, err := os.Stat(filename) if err != nil { return fmt.Errorf("failed stat on %s: %v", filename, err) } // Check the unix permission bits - if info.Mode().Perm()&077 != 0 { + if info.Mode().Perm()&0377 != 0 { return fmt.Errorf("file (%v) has insecure file permissions (%v)", filename, info.Mode().String()) } return nil