ae5a4ac6ea
Resolves bd-ee1: Add security tests for WriteFile permissions in doctor command Added comprehensive security tests for the FixGitignore function to verify: - Files are created with 0600 permissions (secure, owner-only read/write) - Existing files with insecure permissions are fixed - Read-only files can be updated (permissions fixed first) - File ownership is correct - Permissions are enforced even on systems that respect umask Also improved FixGitignore implementation to: - Handle read-only files by fixing permissions before writing - Explicitly set permissions after write to ensure 0600 regardless of umask - Maintain secure permissions throughout the operation Tests verify the gosec G306 security concern is properly addressed. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2.6 KiB
2.6 KiB