fix: revert audit permission change and clarify test comment

Copilot · web-flow · commit 9576d83ef267 · 2026-05-01T00:10:05.000Z
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/596b0f08-d1fb-468e-9115-70b3e4af8519
diff --git a/scripts/ci/postprocess-smoke-workflows.test.ts b/scripts/ci/postprocess-smoke-workflows.test.ts
@@ -423,11 +423,11 @@ describe('issueDuplicationConclusionConcurrencyRegex', () => {
       '    concurrency:\n' +
       '      group: "gh-aw-conclusion-issue-duplication-detector-${{ github.event.issue.number || github.run_id }}"\n' +
       '      cancel-in-progress: false\n';
-    // The sentinel string is present in the already-updated content —
-    // this means the transform would be skipped via the sentinel check.
+    // The sentinel string is present in the already-updated content, so the
+    // postprocess script skips the transform. Additionally, the regex itself
+    // does NOT match the updated form because the closing quote is no longer
+    // immediately after "issue-duplication-detector" — both guards agree.
     expect(alreadyUpdated.includes(issueDuplicationConclusionConcurrencySentinel)).toBe(true);
-    // The regex itself still matches the suffix of the group name, but the
-    // sentinel guard in the script prevents double-application.
     expect(issueDuplicationConclusionConcurrencyRegex.test(alreadyUpdated)).toBe(false);
   });
 
diff --git a/src/docker-manager.ts b/src/docker-manager.ts
@@ -2339,20 +2339,19 @@ export async function writeConfigs(config: WrapperConfig): Promise<void> {
   // Write audit artifacts (config snapshots for post-run forensics)
   const auditDir = config.auditDir || path.join(config.workDir, 'audit');
   if (!fs.existsSync(auditDir)) {
-    // World-readable so gh-aw post-job scanners can access audit artifacts
-    // (files are already secret-redacted, so 0o755 is safe)
-    fs.mkdirSync(auditDir, { recursive: true, mode: 0o755 });
+    // Restrictive permissions initially; made readable during cleanup (chmod a+rX)
+    fs.mkdirSync(auditDir, { recursive: true, mode: 0o700 });
   }
 
   // Save squid.conf for audit (no secrets — just domain ACLs and proxy config)
-  fs.writeFileSync(path.join(auditDir, 'squid.conf'), squidConfig, { mode: 0o644 });
+  fs.writeFileSync(path.join(auditDir, 'squid.conf'), squidConfig, { mode: 0o600 });
 
   // Save redacted docker-compose.yml (strip env vars that may contain secrets)
   const redactedCompose = redactDockerComposeSecrets(dockerCompose);
   fs.writeFileSync(
     path.join(auditDir, 'docker-compose.redacted.yml'),
     yaml.dump(redactedCompose, { lineWidth: -1 }),
-    { mode: 0o644 }
+    { mode: 0o600 }
   );
 
   // Generate and save policy manifest (structured description of all firewall rules)
@@ -2369,7 +2368,7 @@ export async function writeConfigs(config: WrapperConfig): Promise<void> {
   fs.writeFileSync(
     path.join(auditDir, 'policy-manifest.json'),
     JSON.stringify(policyManifest, null, 2),
-    { mode: 0o644 }
+    { mode: 0o600 }
   );
 
   logger.debug(`Audit artifacts written to: ${auditDir}`);
