From 94db3a5b6f1e14c947c2a8db19fcfe017dd1b8fc Mon Sep 17 00:00:00 2001
From: Matt Behrens <matt@zigg.com>
Date: Wed, 24 Jan 2018 21:41:02 -0500
Subject: [PATCH] make .secret files user-readable only

---
 fediplay.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/fediplay.py b/fediplay.py
index a5bca3f..d26acbf 100644
--- a/fediplay.py
+++ b/fediplay.py
@@ -1,3 +1,4 @@
+from os import umask
 from subprocess import run
 from threading import Thread, Lock
 
@@ -64,11 +65,15 @@ class StreamListener(mastodon.StreamListener):
             self.queue.add(links[0])
 
 def register(api_base_url):
+    old_umask = umask(0o77)
     Mastodon.create_app('fediplay', api_base_url=api_base_url, to_file='clientcred.secret')
+    umask(old_umask)
 
 def login(api_base_url, email, password):
     client = Mastodon(client_id='clientcred.secret', api_base_url=api_base_url)
+    old_umask = umask(0o77)
     client.log_in(email, password, to_file='usercred.secret')
+    umask(old_umask)
 
 def stream(api_base_url):
     client = Mastodon(client_id='clientcred.secret', access_token='usercred.secret', api_base_url=api_base_url)