From d4fa60e1cf02256e2e27d5f0b839f47c8ef23f83 Mon Sep 17 00:00:00 2001
From: Nelson Minar <nelson@monkey.org>
Date: Thu, 18 Feb 2016 16:18:02 +0000
Subject: [PATCH] Ensure the auth cache file is not world readable.

---
 discord/client.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/discord/client.py b/discord/client.py
index e99e46f61..9ec9adf04 100644
--- a/discord/client.py
+++ b/discord/client.py
@@ -198,7 +198,7 @@ class Client:
         try:
             cache_file = self._get_cache_filename(email)
             os.makedirs(os.path.dirname(cache_file), exist_ok=True)
-            with open(cache_file, 'w') as f:
+            with os.fdopen(os.open(cache_file, os.O_WRONLY | os.O_CREAT, 0o0600), 'w') as f:
                 log.info('updating login cache')
                 f.write(self.token)
         except OSError: