From a728e79c27f12d1bc4a80ff0a19ca78ca8203144 Mon Sep 17 00:00:00 2001
From: Jordan Padams <33492486+jordanpadams@users.noreply.github.com>
Date: Wed, 13 Nov 2024 17:42:46 -0800
Subject: [PATCH] Fix code scanning alert no. 58: Overly permissive file
 permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/pds_doi_service/core/db/transaction_on_disk.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pds_doi_service/core/db/transaction_on_disk.py b/src/pds_doi_service/core/db/transaction_on_disk.py
index c9712844..003cc8cb 100644
--- a/src/pds_doi_service/core/db/transaction_on_disk.py
+++ b/src/pds_doi_service/core/db/transaction_on_disk.py
@@ -170,7 +170,7 @@ def write(self, transaction_dir, input_ref=None, output_content=None, output_con
                     r.close()
 
                 # Set up permissions for copied input
-                os.chmod(full_input_name, 0o0664)
+                os.chmod(full_input_name, 0o0600)
 
         # Write output file with provided content
         # The extension of the file is determined by the provided content type
@@ -181,7 +181,7 @@ def write(self, transaction_dir, input_ref=None, output_content=None, output_con
                 outfile.write(output_content)
 
             # Set up permissions for copied output
-            os.chmod(full_output_name, 0o0664)
+            os.chmod(full_output_name, 0o0600)
 
         logger.info(f"Transaction files saved to {transaction_dir}")