From a952ca3ff6af24f867737094d2d13ab2a3ba3bbe Mon Sep 17 00:00:00 2001 From: vanthinh6886 <89525629+vanthinh6886@users.noreply.github.com> Date: Thu, 14 May 2026 07:59:31 -0700 Subject: [PATCH] fix: restrict .env file permissions to 0600 Set file mode 0600 on ~/.hermes/.env after creation in the installer and after every write via memory_setup._write_env_vars(). This ensures only the file owner can read/write API keys and tokens, matching standard practice for credential files (.netrc, .aws/credentials, .ssh/config). Fixes #25477 --- hermes_cli/memory_setup.py | 6 ++++++ scripts/install.sh | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/hermes_cli/memory_setup.py b/hermes_cli/memory_setup.py index 6ae15e08838..1ee5ed2ec8e 100644 --- a/hermes_cli/memory_setup.py +++ b/hermes_cli/memory_setup.py @@ -379,6 +379,12 @@ def _write_env_vars(env_path: Path, env_writes: dict) -> None: new_lines.append(f"{key}={val}") env_path.write_text("\n".join(new_lines) + "\n", encoding="utf-8") + # Restrict permissions — .env holds API keys and tokens. + try: + import stat + env_path.chmod(stat.S_IRUSR | stat.S_IWUSR) # 0600 + except OSError: + pass # Windows or read-only FS # --------------------------------------------------------------------------- diff --git a/scripts/install.sh b/scripts/install.sh index 75e8f1eed5b..1ee5a31ec64 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -1426,6 +1426,10 @@ copy_config_templates() { else log_info "~/.hermes/.env already exists, keeping it" fi + # Restrict .env permissions — this file holds API keys and tokens. + # 0600 ensures only the file owner can read/write, matching standard + # practice for credential files (.netrc, .aws/credentials, .ssh/config). + chmod 600 "$HERMES_HOME/.env" configure_browser_env_from_system_browser # Create config.yaml at ~/.hermes/config.yaml (top level, easy to find)
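Review bot: The chmod in `_write_env_vars` runs only after `env_path.write_text(...)` has already created or truncated the file, so on a first write the secrets land in a file created under the process umask (commonly 0644) and are readable by other local users until the chmod completes, and a pre-existing 0644 file is likewise rewritten with the new keys before being tightened. Setting the mode before the write closes that window: `env_path.touch(mode=0o600, exist_ok=True)` creates a fresh file already at 0600 and `env_path.chmod(0o600)` tightens an existing one, and the `0o600` literal makes the in-function `import stat` unnecessary. The `except OSError: pass` also discards the failure silently; for a credential file at least a warning is worth emitting, but I cannot see from this hunk whether the module has a logger, so the fence keeps the best-effort comment. `_write_env_vars` begins above the hunk.
```python
    # Create a missing .env already at 0600 (touch applies mode only on
    # creation) and tighten an existing one BEFORE writing, so the secrets
    # are never readable by other local users, even briefly.
    try:
        env_path.touch(mode=0o600, exist_ok=True)
        env_path.chmod(0o600)
    except OSError:
        pass  # Windows or read-only FS: best effort
    env_path.write_text("\n".join(new_lines) + "\n", encoding="utf-8")
```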
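Review bot: `chmod 600 "$HERMES_HOME/.env"` runs after the file has been created by the branch above the hunk, so a freshly copied template briefly carries the installer's default umask mode before being tightened; creating it with the right mode from the start, e.g. `install -m 600 <template-path> "$HERMES_HOME/.env"` or wrapping the copy in `(umask 077; cp ...)`, removes that window. The creation branch is outside the hunk, so I cannot see whether it uses cp or a heredoc; the same pattern applies either way, and the unconditional chmod after `fi` should stay to tighten an already-existing file. If install.sh runs under `set -e`, a chmod failure (file never created, read-only home) now aborts the installer at this line, which may be stricter than intended; appending `|| <existing warning helper> "could not restrict ~/.hermes/.env permissions"` would keep it best-effort, using whatever logging helper sits alongside `log_info`. `copy_config_templates` begins above the hunk and continues past it.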