From 0df2c83382f98eed7717cecdbbc6d12e5fef2202 Mon Sep 17 00:00:00 2001
From: Daniel Barlow <dan@telent.net>
Date: Thu, 29 Aug 2024 23:56:43 +0100
Subject: [PATCH] tighten perms on service state directory

---
 pkgs/service-fns/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/service-fns/default.nix b/pkgs/service-fns/default.nix
index 4b7e225..f92c196 100644
--- a/pkgs/service-fns/default.nix
+++ b/pkgs/service-fns/default.nix
@@ -23,7 +23,7 @@ writeText "service-fns.sh" ''
   }
   mkstate() {
     d=$SERVICE_STATE/$1
-    mkdir -m 2751 -p $d && chown root:system $d
+    mkdir -m 0700 -p $d && chown root:system $d
     echo $d
   }
   in_outputs() {