security: restrict target list visibility from apps

- /proc/vpnhide_targets: change from 0644 to 0600 (root only).
  Apps could read the UID list and discover which apps are targeted.
- Remove /data/local/tmp/vpnhide_targets.txt copies from service.sh
  and WebUI (no longer needed after get_module_dir() fix).

zygisk/module/service.sh

@@ -7,13 +7,9 @@ TARGETS_FILE="$PERSIST_DIR/targets.txt"
 MODULE_DIR="${0%/*}"
 SS_UIDS_FILE="/data/system/vpnhide_uids.txt"
 
-# Copy targets to module dir and world-readable location.
-# On Magisk, SELinux blocks both zygote and untrusted_app from
-# /data/adb/*. /data/local/tmp/ is readable by all apps.
+# Copy targets to module dir so Zygisk can read via get_module_dir() fd.
 if [ -f "$TARGETS_FILE" ]; then
     cp "$TARGETS_FILE" "$MODULE_DIR/targets.txt" 2>/dev/null
-    cp "$TARGETS_FILE" /data/local/tmp/vpnhide_targets.txt 2>/dev/null
-    chmod 644 /data/local/tmp/vpnhide_targets.txt 2>/dev/null
 fi
 
 # Wait for PackageManager to be ready