Description
NemoClaw creates ~/.nemoclaw/ and the root-level config files inside it with group/world-readable permissions instead of owner-only (e.g., a 1755 directory and a 644 config file). This is a security regression: config and credential files must not be world-readable, and users should not have to run chmod by hand after onboarding to fix it.
Verified on multiple platforms.
Component area: Security.
Environment
Platform:
WSL2 (Ubuntu 22.04 in WSL2 on Windows)
DGX Spark
Ubuntu 26.04
Versions:
openshell 0.0.39
nemoclaw v0.0.48
docker 29.4.3
node v22.22.3
npm 10.9.8
OpenClaw 2026.4.24 (cbcfdf6)
Steps to Reproduce
Assuming NemoClaw has been onboarded with any provider and is using host ~/.nemoclaw/:
# 1. Check directory permissions
stat -c '%a %n' ~/.nemoclaw/
# 2. Check root-level file permissions under ~/.nemoclaw/
find ~/.nemoclaw/ -maxdepth 1 -type f -exec stat -c '%a %n' {} \;
# 3. Flag any group/world-readable or writable root-level files
find ~/.nemoclaw/ -maxdepth 1 -type f -perm /077 -exec echo "INSECURE: {}" \;
Note: ~/.nemoclaw/source/ is intentionally excluded from these checks, since it contains open-source code only and no credentials.
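The three checks above, plus the tightening to 700/600 that the report expects, as an added POSIX sh example (not code from the original report or from the NemoClaw project). It applies the same rule the report uses: no group/other bits on ~/.nemoclaw/ itself or on its root-level files, with source/ left alone because -maxdepth 1 never descends into it. The directory argument and the make_buggy_fixture helper are assumptions added for testing; the audit defaults to ~/.nemoclaw when no directory is given.

```sh
#!/bin/sh
# Added example, not part of NemoClaw: audit ~/.nemoclaw/ for the permission
# regression described above and optionally tighten it to 700 (dir) / 600 (files).

# Root-level files with any group/other bit set (r, w or x). source/ is
# excluded because the search does not descend below the top level.
insecure_files() {
    find "$1" -maxdepth 1 -type f -perm /077
}

# Exit 0 when the tree is owner-only, 1 on any finding, 2 if the dir is missing.
audit_nemoclaw_perms() {
    dir="${1:-$HOME/.nemoclaw}"
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    findings=0
    # -maxdepth 0 tests the directory itself; 1755 matches because o=rx is set.
    if [ -n "$(find "$dir" -maxdepth 0 -perm /077)" ]; then
        echo "INSECURE: $(stat -c '%a %n' "$dir")"
        findings=$((findings + 1))
    fi
    n=$(insecure_files "$dir" | wc -l)
    insecure_files "$dir" | while IFS= read -r f; do
        echo "INSECURE: $(stat -c '%a %n' "$f")"
    done
    findings=$((findings + n))
    [ "$findings" -eq 0 ]
}

# Apply the expected modes: 0700 on the directory (the four-digit form also
# clears the sticky bit that 1755 carries) and 0600 on every offending
# root-level file, then re-run the audit so the caller sees the result.
harden_nemoclaw_perms() {
    dir="${1:-$HOME/.nemoclaw}"
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    chmod 0700 "$dir"
    find "$dir" -maxdepth 1 -type f -perm /077 -exec chmod 0600 {} +
    audit_nemoclaw_perms "$dir"
}

# Constructed fixture (assumption, for testing only) that reproduces the
# reported state: a 1755 directory, a 644 config.json, and a 644 file under
# source/ that the audit must ignore. Prints the directory it created.
make_buggy_fixture() {
    d=$(mktemp -d)
    mkdir -p "$d/source"
    printf '{"provider":"example"}\n' > "$d/config.json"
    printf 'open-source code, no secrets\n' > "$d/source/README"
    chmod 644 "$d/config.json" "$d/source/README"
    chmod 1755 "$d"
    echo "$d"
}

# Usage: sh nemoclaw-perms.sh ~/.nemoclaw        (audit only; exit 1 on findings)
#        sh nemoclaw-perms.sh --fix ~/.nemoclaw  (tighten, then re-audit)
if [ "$#" -gt 0 ]; then
    case "$1" in
        --fix) harden_nemoclaw_perms "${2:-}" ;;
        *)     audit_nemoclaw_perms "$1" ;;
    esac
fi
```

The audit looks only at classic mode bits, as the report's find -perm /077 does; it does not inspect POSIX ACLs, and it says nothing about files created later under a permissive umask, so the fix the report asks for (owner-only modes set at onboard time) is still needed regardless of this check.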
Expected Result
- ~/.nemoclaw/ directory has owner-only permissions:
700 /sandbox/.nemoclaw/
- Every root-level file under ~/.nemoclaw/ (e.g., config.json, any credentials/config files) has owner-only permissions:
600 /sandbox/.nemoclaw/config.json
- The "INSECURE" scan prints nothing.
Actual Result
sandbox@b88cd2f537bc:~$ stat -c '%a %n' ~/.nemoclaw/
1755 /sandbox/.nemoclaw/
sandbox@b88cd2f537bc:~$ find ~/.nemoclaw/ -maxdepth 1 -type f -exec stat -c '%a %n' {} \;
644 /sandbox/.nemoclaw/config.json
sandbox@b88cd2f537bc:~$ find ~/.nemoclaw/ -maxdepth 1 -type f -perm /077 -exec echo "INSECURE: {}" \;
INSECURE: /sandbox/.nemoclaw/config.json
The problems are:
- The directory is 1755 (world-readable/executable, plus sticky bit) instead of 700.
- The root-level config file is 644 (group/world-readable) instead of 600.
Logs
Not captured — the Actual Result stat / find output above is the evidence.
NVB#6202182