spawn/linode
Sprite 7162f9c236 refactor: secure temp files with chmod 600 before writing credentials
Added chmod 600 to all temporary files that contain sensitive data (API keys, tokens, configs):
- ENV_TEMP: 35 files (all agent scripts across 5 clouds)
- OPENCLAW_CONFIG_TEMP: 5 files (already done in previous commit)
- SETTINGS_TEMP: 5 files (Claude Code settings)
- GLOBAL_STATE_TEMP: 5 files (Claude Code global state)
- DOTENV_TEMP: 5 files (NanoClaw .env files)

Total: 55 temp files secured

This prevents race conditions where sensitive data could be read by other users
between mktemp creation (mode 600 by default) and data being written.

Security hardening for task #23.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-07 20:03:55 +00:00
lib refactor: Extract SSH key management helpers to reduce nesting 2026-02-07 20:03:43 +00:00
aider.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
claude.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
codex.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
goose.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
interpreter.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
nanoclaw.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00
openclaw.sh refactor: secure temp files with chmod 600 before writing credentials 2026-02-07 20:03:55 +00:00