go-io

core/go-io

History

Snider f3f741c0a7 feat(security): add WriteMode to Medium interface for file permissions Codex security review found that migrating os.WriteFile(path, data, 0600) to coreio.Local.Write() changed permissions from owner-only to world-readable (0644). This is a security regression for encryption output, private keys, and auth hashes. WriteMode(path, content, mode) allows callers to specify permissions. Write() remains the default (0644) for non-sensitive files. Affected implementors updated: local.Medium, MockMedium, Node, datanode.Medium. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-17 17:23:31 +00:00
..
client.go	feat(security): add WriteMode to Medium interface for file permissions	2026-03-17 17:23:31 +00:00
client_test.go	fix: use UK English spelling throughout	2026-03-15 10:10:46 +00:00

Snider f3f741c0a7 feat(security): add WriteMode to Medium interface for file permissions

Codex security review found that migrating os.WriteFile(path, data, 0600)
to coreio.Local.Write() changed permissions from owner-only to world-readable
(0644). This is a security regression for encryption output, private keys,
and auth hashes.

WriteMode(path, content, mode) allows callers to specify permissions.
Write() remains the default (0644) for non-sensitive files.

Affected implementors updated: local.Medium, MockMedium, Node, datanode.Medium.

Co-Authored-By: Virgil <virgil@lethean.io>

2026-03-17 17:23:31 +00:00

client.go

feat(security): add WriteMode to Medium interface for file permissions

2026-03-17 17:23:31 +00:00

client_test.go

fix: use UK English spelling throughout

2026-03-15 10:10:46 +00:00