johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix global daemon implementation and improve security

Browse Source 
- bd-159: Global daemon now runs in routing mode without opening DB
- bd-158: Set socket permissions to 0600 for security
- bd-160: Reject --auto-commit/--auto-push with --global
- bd-157: Verified stale socket cleanup (already working)
- bd-56: Closed as won't-do (cycle prevention is better)
- bd-73: Multi-repo support complete
This commit is contained in:
Steve Yegge
2025-10-17 23:17:22 -07:00
parent 0795797bac
commit 0dac4b9003
3 changed files with 78 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/rpc/server.go
View File

@@ -54,6 +54,12 @@ func (s *Server) Start(ctx context.Context) error {
return fmt.Errorf("failed to listen on socket: %w", err)
}
// Set socket permissions to 0600 for security (owner only)
if err := os.Chmod(s.socketPath, 0600); err != nil {
s.listener.Close()
return fmt.Errorf("failed to set socket permissions: %w", err)
}
go s.handleSignals()
for {