pub fn write_sensitive_file(path: &Path, data: impl AsRef<[u8]>) -> Result<()>Expand description
Write data to a file with restrictive permissions (0o600 on Unix).
Uses atomic temp-file-then-rename to avoid TOCTOU races where the file exists with default permissions before being restricted.
Args:
path- Destination file path.data- Bytes to write.