From 4b6edfbfd2e7843a6e673883e8e990f8fbe041d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mike=20F=C3=A4hrmann?= <mike_faehrmann@web.de>
Date: Wed, 31 Jul 2019 15:27:06 +0200
Subject: [PATCH] restrict permissions without importing 'pathlib'

and only on non-Windows systems.

1. On Windows the 'mode' argument for os.open() has no (visible) effect
   on access permissions for new files.
2. The default location for 'cache.file' on Windows is in
   %USERPROFILE%\AppData\Local\Temp which can only be accessed by the
   owner himself (or an admin).
---
 gallery_dl/cache.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/gallery_dl/cache.py b/gallery_dl/cache.py
index 45db2875..25b66607 100644
--- a/gallery_dl/cache.py
+++ b/gallery_dl/cache.py
@@ -9,9 +9,9 @@
 """Decorators to keep function results in an in-memory and database cache"""
 
 import sqlite3
-import pathlib
 import pickle
 import time
+import os
 import functools
 from . import config, util
 
@@ -200,8 +200,10 @@ def _path():
 
 try:
     dbfile = _path()
-    pathlib.Path(dbfile).touch(mode=0o600)
+    if os.name != "nt":
+        # restrict access permissions for new db files
+        os.close(os.open(dbfile, os.O_CREAT | os.O_RDONLY, 0o600))
     DatabaseCacheDecorator.db = sqlite3.connect(
         dbfile, timeout=30, check_same_thread=False)
-except (PermissionError, TypeError, sqlite3.OperationalError):
+except (OSError, TypeError, sqlite3.OperationalError):
     cache = memcache  # noqa: F811