diff --git a/src/bin/daemon.rs b/src/bin/daemon.rs index e546f2e..47bb251 100644 --- a/src/bin/daemon.rs +++ b/src/bin/daemon.rs @@ -9,6 +9,7 @@ use pwsp::{ pipewire::create_virtual_mic, }, }; +use std::os::unix::fs::PermissionsExt; use std::{error::Error, fs, time::Duration}; use tokio::{ io::{AsyncReadExt, AsyncWriteExt}, @@ -54,6 +55,8 @@ async fn main() -> Result<(), Box> { } let listener = UnixListener::bind(&socket_path)?; + fs::set_permissions(&socket_path, fs::Permissions::from_mode(0o600))?; + println!( "Daemon started. Listening on {}", socket_path.to_str().unwrap_or_default() diff --git a/src/utils/daemon.rs b/src/utils/daemon.rs index 9689109..f2c67a2 100644 --- a/src/utils/daemon.rs +++ b/src/utils/daemon.rs @@ -6,6 +6,7 @@ use crate::{ }, utils::pipewire::{create_link, get_device}, }; +use std::os::unix::fs::PermissionsExt; use std::path::PathBuf; use std::{error::Error, fs}; use tokio::{ @@ -84,6 +85,7 @@ pub fn create_runtime_dir() -> Result<(), Box> { if !runtime_dir.exists() { fs::create_dir_all(&runtime_dir)?; } + fs::set_permissions(&runtime_dir, fs::Permissions::from_mode(0o700))?; Ok(()) }