From 097d33ad28db46a3e6f15e98d1a7c6949bf14b66 Mon Sep 17 00:00:00 2001
From: Marie Huynh <mariethuynh@gmail.com>
Date: Sat, 10 Oct 2015 14:28:57 -0700
Subject: [PATCH 1/2] lock the secrets file

---
 set_up_twitter.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/set_up_twitter.md b/set_up_twitter.md
index 59ac233..1f7f25b 100644
--- a/set_up_twitter.md
+++ b/set_up_twitter.md
@@ -23,4 +23,9 @@ consumer_key = "I'M A CONSUMER KEY"
 consumer_secret = "I'M A CONSUMER SECRET"
 access_token = "I'M AN ACCESS TOKEN"
 access_token_secret = "I'M AN ACCESS TOKEN SECRET"
-```
\ No newline at end of file
+```
+
+* On the bash console, make sure you're in the hello-world-bot directory and run 
+```sh
+chmod o-r secrets.py 
+```

From d09b6b42ad7be162c34180198ebdc69794bbceb2 Mon Sep 17 00:00:00 2001
From: Marie Huynh <mariethuynh@gmail.com>
Date: Thu, 15 Oct 2015 02:47:46 -0700
Subject: [PATCH 2/2] Added explanation for chmod

---
 set_up_twitter.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/set_up_twitter.md b/set_up_twitter.md
index 1f7f25b..a9b0cc4 100644
--- a/set_up_twitter.md
+++ b/set_up_twitter.md
@@ -25,7 +25,7 @@ access_token = "I'M AN ACCESS TOKEN"
 access_token_secret = "I'M AN ACCESS TOKEN SECRET"
 ```
 
-* On the bash console, make sure you're in the hello-world-bot directory and run 
+* The default on some systems is for new files to be publicly readable, so you should change the permissions on the secrets file so no one can hijack your Twitter account.  To remove the world-read permission, on the bash console, make sure you're in the hello-world-bot directory and run 
 ```sh
 chmod o-r secrets.py 
 ```