Harden permissions on tmp dir and socket

danielpgross · danielpgross · commit f0cfc3e4a5c5 · 2025-08-18T21:40:15.000-04:00
diff --git a/src/file_manager.zig b/src/file_manager.zig
@@ -1,5 +1,6 @@
 const std = @import("std");
 const fs = std.fs;
+const posix = std.posix;
 const log = std.log.scoped(.file_manager);
 
 pub const FileManager = struct {
@@ -21,6 +22,11 @@ pub const FileManager = struct {
             else => return err,
         };
 
+        // Harden permissions on the base directory so only the user can access it
+        posix.fchmodat(posix.AT.FDCWD, base_path, 0o700, 0) catch |chmod_err| {
+            log.warn("Failed to set permissions 0700 on {s}: {}", .{ base_path, chmod_err });
+        };
+
         // Transfer ownership if we allocated, otherwise dupe the provided slice
         const base_dir: []u8 = if (owned_path) |p| p else try allocator.dupe(u8, base_path);
 
diff --git a/src/main.zig b/src/main.zig
@@ -122,6 +122,10 @@ pub fn main() !void {
             .kernel_backlog = 128,
         });
 
+        std.posix.fchmodat(std.posix.AT.FDCWD, socket_path, 0o600, 0) catch |chmod_err| {
+            log.warn("Failed to set permissions 0600 on socket {s}: {}", .{ socket_path, chmod_err });
+        };
+
         log.info("RMate Launcher {} listening on Unix socket: {s}", .{ build_options.version, socket_path });
         break :blk unix_listener;
     } else blk: {
