From 97102b98b3647c20352afdfff0c3756796bf8465 Mon Sep 17 00:00:00 2001
From: Kato Twofold <contact@justkato.me>
Date: Wed, 1 Jun 2022 18:08:17 +0300
Subject: [PATCH] * Fixed Security flaw ( Thanks @SleepingProcess )

---
 lib/objects/objects_post.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/objects/objects_post.go b/lib/objects/objects_post.go
index 273e89e..ee69f5a 100644
--- a/lib/objects/objects_post.go
+++ b/lib/objects/objects_post.go
@@ -34,7 +34,7 @@ func getViewsFilePath() (string, error) {
 	// Check if the file exists
 	if _, err := os.Stat(filePath); errors.Is(err, os.ErrNotExist) {
 		// Create the file
-		err := os.WriteFile(filePath, []byte(""), 0777)
+		err := os.WriteFile(filePath, []byte(""), 0640)
 		if err != nil {
 			return ``, err
 		}
@@ -126,7 +126,7 @@ func SavePostViewsCache() error {
 		return err
 	}
 
-	f, err := os.OpenFile(viewsFilePath, os.O_WRONLY|os.O_CREATE, 0777)
+	f, err := os.OpenFile(viewsFilePath, os.O_WRONLY|os.O_CREATE, 0640)
 	if err != nil {
 		return err
 	}
@@ -162,7 +162,7 @@ func getStorageDirectory() string {
 	// Check if the base storage path exists
 	if _, err := os.Stat(baseStoragePath); os.IsNotExist(err) {
 		// Looks like the base storage path was NOT set, create the dir
-		err = os.Mkdir(baseStoragePath, 0777)
+		err = os.Mkdir(baseStoragePath, 0640)
 		// Check for errors
 		if err != nil {
 			// No way this sends an error unless it goes horribly wrong.