From 4c6c3575c66ce10043c9ea04023788890a228de8 Mon Sep 17 00:00:00 2001
From: Jose Luis Duran <jlduran@users.noreply.github.com>
Date: Wed, 18 Apr 2018 18:29:27 -0300
Subject: Make the master.key readable only by the owner

This change may only apply to POSIX-compliant systems.

Previously:

    $ ls -l config/master.key
    -rw-r--r--   1 owner  group      32 Jan 1 00:00 master.key

Now:

    $ ls -l config/master.key
    -rw-------   1 owner  group      32 Jan 1 00:00 master.key
---
 railties/test/generators/app_generator_test.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'railties/test/generators')

diff --git a/railties/test/generators/app_generator_test.rb b/railties/test/generators/app_generator_test.rb
index 294fdcd6a1..c3809a912b 100644
--- a/railties/test/generators/app_generator_test.rb
+++ b/railties/test/generators/app_generator_test.rb
@@ -941,6 +941,15 @@ class AppGeneratorTest < Rails::Generators::TestCase
     assert_directory("test/system")
   end
 
+  unless Gem.win_platform?
+    def test_master_key_is_only_readable_by_the_owner
+      run_generator
+
+      stat = File.stat("config/master.key")
+      assert_equal "100600", sprintf("%o", stat.mode)
+    end
+  end
+
   private
     def stub_rails_application(root)
       Rails.application.config.root = root
-- 
cgit v1.2.3