From e9cd735e0c85c36ad05b540e287463235b49eebe Mon Sep 17 00:00:00 2001
From: Gibheer <gibheer+git@zero-knowledge.org>
Date: Wed, 18 Apr 2018 14:14:25 +0200
Subject: [PATCH] fix file permissions

This was reported to me, that it makes no sense that csr, crt and so on
are written as 0700. And even in the case of private keys, why do they
need the executable bit set?
---
 create_private_key.go | 2 +-
 io.go                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/create_private_key.go b/create_private_key.go
index c13889f..3e0c976 100644
--- a/create_private_key.go
+++ b/create_private_key.go
@@ -47,7 +47,7 @@ func CreatePrivateKey(args []string) error {
 	if *flagOutput == "stdout" {
 		out = os.Stdout
 	} else {
-		out, err = os.OpenFile(*flagOutput, os.O_WRONLY|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0700)
+		out, err = os.OpenFile(*flagOutput, os.O_WRONLY|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0600)
 		if err != nil {
 			return err
 		}
diff --git a/io.go b/io.go
index 0809259..ab8611f 100644
--- a/io.go
+++ b/io.go
@@ -15,7 +15,7 @@ func openOutput(path string) (io.WriteCloser, error) {
 	if path == "stdout" {
 		out = os.Stdout
 	} else {
-		out, err = os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0700)
+		out, err = os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0640)
 		if err != nil {
 			return nil, err
 		}