Merge branch 'main' of https://github.com/steveyegge/beads

2025-11-23 20:16:18 -08:00
parent 12187fcea3 b6870de7f8
commit 44bf71d47e
2 changed files with 4 additions and 4 deletions
--- a/cmd/bd/setup/utils.go
+++ b/cmd/bd/setup/utils.go
@@ -31,8 +31,8 @@ func atomicWriteFile(path string, data []byte) error {
 		return fmt.Errorf("close temp file: %w", err)
 	}

-	// Set permissions to 0644
-	if err := os.Chmod(tmpPath, 0644); err != nil {
+	// Set permissions to 0600 (owner read/write only)
+	if err := os.Chmod(tmpPath, 0600); err != nil {
 		_ = os.Remove(tmpPath) // Best effort cleanup
 		return fmt.Errorf("set permissions: %w", err)
 	}
--- a/cmd/bd/setup/utils_test.go
+++ b/cmd/bd/setup/utils_test.go
@@ -35,8 +35,8 @@ func TestAtomicWriteFile(t *testing.T) {
 	}

 	mode := info.Mode()
-	if mode.Perm() != 0644 {
-		t.Errorf("file permissions mismatch: got %o, want %o", mode.Perm(), 0644)
+	if mode.Perm() != 0600 {
+		t.Errorf("file permissions mismatch: got %o, want %o", mode.Perm(), 0600)
 	}

 	// Test overwriting existing file