🛡️ Sentinel: [CRITICAL] Fix TOCTOU vulnerability in config permissions enforcement

.jules/sentinel.md

@@ -31,3 +31,7 @@
 **Vulnerability:** External shell command executed in `listLocalSnapshots()` triggered a deadlock when `tmutil` output exceeded 64KB, because stdout and stderr were read synchronously inside the process termination handler.
 **Learning:** In Swift, reading from a process pipe synchronously inside a `terminationHandler` can result in a permanent deadlock if the child blocks writing to a full pipe, preventing it from exiting.
 **Prevention:** Asynchronously drain pipes continuously while the process is running using background queues.
+## 2024-05-24 - TOCTOU symlink attack in chmod
+**Vulnerability:** A Time-of-Check to Time-of-Use (TOCTOU) symlink attack when applying `chmod` directly to a file path.
+**Learning:** `chmod()` operates on the path and will follow symlinks, which allows attackers to switch the file to a symlink and modify permissions of arbitrary files on the system before `chmod` executes.
+**Prevention:** Open the file safely using `open()` with `O_NOFOLLOW`, then use `fchmod()` on the resulting file descriptor.

Sources/Cacheout/Headless/DaemonMode.swift

@@ -966,8 +966,14 @@ public actor DaemonMode: StatusSocket.DataSource {
             return
         }
 
-        // Enforce 0600 permissions
-        chmod(path, 0o600)
+        // Enforce 0600 permissions safely to avoid TOCTOU symlink attacks
+        let fd = open(path, O_RDONLY | O_NOFOLLOW)
+        if fd >= 0 {
+            fchmod(fd, 0o600)
+            close(fd)
+        } else {
+            logger.error("Failed to safely open config for permissions check at \(path, privacy: .public)")
+        }
 
         // Read file
         guard let data = FileManager.default.contents(atPath: path) else {