Skip to main content

alien_core/
file_utils.rs

1use std::path::Path;
2
3/// Write content to a file with owner-only permissions (0600 on Unix).
4///
5/// Use this for any file containing sensitive data: tokens, secrets, credentials,
6/// encryption keys, or other material that should not be world-readable.
7pub fn write_secret_file(path: &Path, content: &[u8]) -> std::io::Result<()> {
8    #[cfg(unix)]
9    {
10        use std::io::Write;
11        use std::os::unix::fs::OpenOptionsExt;
12        let mut f = std::fs::OpenOptions::new()
13            .write(true)
14            .create(true)
15            .truncate(true)
16            .mode(0o600)
17            .open(path)?;
18        f.write_all(content)?;
19        return Ok(());
20    }
21    #[cfg(not(unix))]
22    {
23        std::fs::write(path, content)
24    }
25}