Updates to resolve issues identified by gosec (#330)

* Updates to resolve issues identified by gosec
2019-06-07 11:51:34 +01:00
parent ee4351e55d
commit 3f9fc0eaa5
13 changed files with 163 additions and 40 deletions
--- a/cmd/runmqserver/webserver.go
+++ b/cmd/runmqserver/webserver.go
@@ -38,6 +38,7 @@ func startWebServer(keystore, keystorepw string) error {
 		return nil
 	}
 	log.Println("Starting web server")
+	// #nosec G204 - command is fixed, no injection vector
 	cmd := exec.Command("strmqweb")
 	// Set a default app password for the web server, if one isn't already set
 	_, set := os.LookupEnv("MQ_APP_PASSWORD")
@@ -175,6 +176,7 @@ func configureWebServer(keyLabel string, p12Trust tls.KeyStoreData) (string, err
 		}
 		if info.IsDir() {
 			if !exists {
+				// #nosec G301 - write group permissions are required
 				err := os.MkdirAll(to, 0770)
 				if err != nil {
 					return err