Tor relays fix data directory permissions, but tor clients do not
When adding control socket support to chutney (#21462 (moved)), I discovered that relays set their data directory permissions to 0700 as a side-effect of adding keys to the keys directory.
But clients don't, because they don't have any (filesystem) keys.
Is the client state file worth protecting with 0700? Would we have many fewer ControlSocket permissions errors if we changed the DataDirectory to 0700?
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information