vault.py::_runtime_dir does d.mkdir(mode=0o700, exist_ok=True). If another user on the host pre-creates /tmp/pwrap-<your-uid> with looser perms, we silently adopt it — /tmp is sticky-world-writable, so this is reachable by any local user.
Preferred fix: use $XDG_RUNTIME_DIR (per-user /run/user/<uid>, 0700 by default, cleaned on logout).
Fallback if staying in /tmp: stat after mkdir and refuse if owner != geteuid() or mode is wider than 0o700. Fail fast with a clear error.
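A sketch of both options described above, as an added example that is not the project's own code. The `pwrap` subdirectory name under `$XDG_RUNTIME_DIR`, the `UnsafeRuntimeDir` exception, and the `env` / `tmp_root` parameters are assumptions made for illustration; the check uses `lstat` so that a planted symlink is refused as well.

```python
import os
import stat
from pathlib import Path


class UnsafeRuntimeDir(RuntimeError):
    """The runtime directory is not exclusively ours (hypothetical name)."""


def check_private_dir(d: Path, uid: int) -> Path:
    # lstat, not stat: mkdir(exist_ok=True) accepts a symlink that points at
    # a directory, so the link itself has to be inspected here.
    st = os.lstat(d)
    if not stat.S_ISDIR(st.st_mode):
        raise UnsafeRuntimeDir(f"{d} is not a real directory")
    if st.st_uid != uid:
        raise UnsafeRuntimeDir(f"{d} is owned by uid {st.st_uid}, expected {uid}")
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:  # any group/other bit makes it wider than 0o700
        raise UnsafeRuntimeDir(f"{d} has mode {mode:04o}, wider than 0700")
    return d


def runtime_dir(env=os.environ, tmp_root="/tmp") -> Path:
    uid = os.geteuid()
    xdg = env.get("XDG_RUNTIME_DIR")
    if xdg:
        # Preferred: per-user directory that other users cannot write into.
        d = Path(xdg) / "pwrap"  # subdirectory name is an assumption
    else:
        # Fallback: shared sticky /tmp, where the name can be pre-created.
        d = Path(tmp_root) / f"pwrap-{uid}"
    d.mkdir(mode=0o700, exist_ok=True)
    # Verify after mkdir either way; raise instead of adopting a bad dir.
    return check_private_dir(d, uid)
```
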