Expand description
Cross-platform file / directory permission tightening for secret-bearing paths (bootstrap seeds, keystores, export bundles).
The implementation is homed in vti_common::secure_file so it can be
shared by every consumer (CLIs, services, and the vti-secrets crate’s
plaintext backend) without duplication. This module re-exports it for
backwards-compatible vta_cli_common::secure_file::* call sites.
Functions§
- restrict_
dir_ to_ owner - Restrict
path(a directory) so only the owner can traverse / read / write. On Unix:0700. On Windows: inheritance removed and DACL replaced with full control to the current user only. - restrict_
file_ to_ owner - Restrict
path(a file) so only the owner can read / write.