From 5ccceb92f91a37af6cfb3f99d9cd60069dfe526d Mon Sep 17 00:00:00 2001
From: Hongming Wang <hongmingwang.rabbit@users.noreply.github.com>
Date: Wed, 15 Apr 2026 18:20:48 -0700
Subject: [PATCH] fix(security): chmod 600 macOS launchd plist containing CDP
 token (#296)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

One-liner oversight from #295: the macOS install path wrote the plist
with the default umask (~0644), leaving CDP_PROXY_TOKEN world-readable
to any local user account. The Linux path already writes to a chmod
600 env-file — this brings macOS to parity.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../browser-automation/host-bridge/install-host-bridge.sh    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/plugins/browser-automation/host-bridge/install-host-bridge.sh b/plugins/browser-automation/host-bridge/install-host-bridge.sh
index c644814e..73d3eacc 100755
--- a/plugins/browser-automation/host-bridge/install-host-bridge.sh
+++ b/plugins/browser-automation/host-bridge/install-host-bridge.sh
@@ -68,6 +68,11 @@ install_macos() {
   <key>StandardErrorPath</key><string>${HOME}/.molecule-cdp-proxy.log</string>
 </dict></plist>
 EOF
+  # #296: the plist contains the CDP_PROXY_TOKEN in plaintext. Default
+  # umask leaves it world-readable (~0644) which leaks the token to any
+  # local user on a multi-account macOS host. Lock to owner-only. launchctl
+  # loads user agents as the owning UID so 0600 is safe.
+  chmod 600 "$plist"
   launchctl bootout "gui/$(id -u)/${LABEL}" 2>/dev/null || true
   launchctl bootstrap "gui/$(id -u)" "$plist"
   launchctl kickstart -k "gui/$(id -u)/${LABEL}"