pub fn create_dir_restricted(path: &Path) -> Result<()>
Create directories with mode 0o700 (owner-only) on Unix.
Uses DirBuilder::mode() on Unix to avoid a TOCTOU window between creation and permission setting.
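The difference between the two approaches, as an added example that is not this crate's implementation: the helper names (`create_then_chmod`, `create_with_mode`, `create_and_verify`, `mode_of`) and the temp-directory paths are hypothetical, it is Unix-only, and it uses `std::io::Result` rather than the crate's own `Result`. It also covers the case where the directory already exists, which a recursive `DirBuilder` accepts without changing its mode.

```rust
use std::fs::{self, DirBuilder, Permissions};
use std::io;
use std::os::unix::fs::{DirBuilderExt, PermissionsExt};
use std::path::Path;

/// Racy pattern: the directory exists with umask-derived permissions
/// (typically 0o755) until set_permissions() runs.
fn create_then_chmod(path: &Path) -> io::Result<()> {
    fs::create_dir_all(path)?;
    // Window: between these two calls the directory is wider than 0o700.
    fs::set_permissions(path, Permissions::from_mode(0o700))
}

/// The mode is handed to mkdir(2) itself, so the directory never exists with
/// wider bits. The umask can only clear bits from 0o700, never add any.
fn create_with_mode(path: &Path) -> io::Result<()> {
    DirBuilder::new().recursive(true).mode(0o700).create(path)
}

/// Permission bits of `path` (lower 12 bits of st_mode).
fn mode_of(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o7777)
}

/// recursive(true) returns Ok for an existing directory and leaves its mode
/// untouched, so reject one that grants any group/other access.
fn create_and_verify(path: &Path) -> io::Result<()> {
    create_with_mode(path)?;
    if mode_of(path)? & 0o077 != 0 {
        let msg = "existing directory is group/other accessible";
        return Err(io::Error::new(io::ErrorKind::PermissionDenied, msg));
    }
    Ok(())
}

fn main() -> io::Result<()> {
    // Constructed demo path under the system temp directory.
    let base = std::env::temp_dir().join(format!("restricted-demo-{}", std::process::id()));
    create_and_verify(&base.join("a/b"))?;
    println!("a/b mode: {:o}", mode_of(&base.join("a/b"))?);
    fs::remove_dir_all(&base)
}
```

Every ancestor that `create_with_mode` has to create receives the same mode, while ancestors that already exist keep whatever permissions they had.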