From b382e313748a20685c3e87bab1083045dcb9f03c Mon Sep 17 00:00:00 2001
From: Nulo <git@nulo.in>
Date: Thu, 16 Feb 2023 21:26:34 -0300
Subject: [PATCH] restringir permisos cuando se hace alpine.writeFile

---
 alpine.ts | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/alpine.ts b/alpine.ts
index 5954fa8..0cc0fb2 100644
--- a/alpine.ts
+++ b/alpine.ts
@@ -37,13 +37,13 @@ export class Alpine {
     content: string,
     permissions?: { uid: number; gid: number }
   ): Promise<void> {
+    const p = path.join(this.dir, filePath);
     await this.mkdirP(path.dirname(filePath));
-    await sudoWriteFile(path.join(this.dir, filePath), content);
-    if (permissions)
-      await sudoChown(
-        path.join(this.dir, filePath),
-        `${permissions.uid}:${permissions.gid}`
-      );
+    await sudoWriteFile(p, content);
+    if (permissions) {
+      await sudoChown(p, `${permissions.uid}:${permissions.gid}`);
+      await sudoChmod(p, "600");
+    }
   }
   async writeExecutable(filePath: string, content: string): Promise<void> {
     await this.writeFile(filePath, content);