From d92c8a6b7dfa1b3b357206b881c4984f62629171 Mon Sep 17 00:00:00 2001 From: Jacob Young Date: Thu, 7 Nov 2024 20:25:04 -0500 Subject: [PATCH] std.http.Client: change ssl key log creation permission bits This is the same mode used by openssh for private keys. This does not change the mode of an existing file, so users who need something different can pre-create the file with their designed permissions or change them after the fact, and running another process that writes to the key log will not change it back. --- lib/std/http/Client.zig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/std/http/Client.zig b/lib/std/http/Client.zig index cddc6297c9cd..dfc94e757a3b 100644 --- a/lib/std/http/Client.zig +++ b/lib/std/http/Client.zig @@ -1361,7 +1361,7 @@ pub fn connectTcp(client: *Client, host: []const u8, port: u16, protocol: Connec error.OutOfMemory => return error.OutOfMemory, }; defer client.allocator.free(ssl_key_log_path); - break :ssl_key_log_file std.fs.cwd().createFile(ssl_key_log_path, .{ .truncate = false }) catch null; + break :ssl_key_log_file std.fs.cwd().createFile(ssl_key_log_path, .{ .truncate = false, .mode = 0o600 }) catch null; } else null; errdefer if (ssl_key_log_file) |key_log_file| key_log_file.close();