Merge pull request #363 from rancher-sandbox/362-restrict-kubeconfig-perms

When creating ~/.kube/config, harden permissions.

Author: mattfarina

src/config/kubeconfig.js

@@ -36,7 +36,7 @@ function path() {
         kind:              'Config',
         preferences:       {},
         users:             [],
-      }, undefined, 2));
+      }, undefined, 2), { mode: 0o600 });
     }
 
     return cfg;

src/k8s-engine/k3sHelper.ts

@@ -551,7 +551,7 @@ export default class K3sHelper extends events.EventEmitter {
       merge(userConfig.users, workConfig.users);
       merge(userConfig.clusters, workConfig.clusters);
       const userYAML = this.ensureContentsAreYAML(userConfig.exportConfig());
-      const writeStream = fs.createWriteStream(workPath);
+      const writeStream = fs.createWriteStream(workPath, { mode: 0o600 });
 
       await new Promise((resolve, reject) => {
         writeStream.on('error', reject);