
fix(server): harden sandbox TLS secret volume permissions #341

Closed
drew wants to merge 1 commit into NVIDIA:main from vincentkoc:codex/fix-shared-mtls-client-key-vulnerability

@drew (Collaborator) commented Mar 16, 2026

Motivation

  • Prevent sandboxed agent processes from reading the shared mTLS client private key and impersonating the control-plane client by reducing file permission exposure of the mounted TLS secret.

Description

  • Set Kubernetes secret defaultMode to 0400 (256 decimal) for the sandbox TLS secret volume in both the default pod template path and the custom pod-template injection path in crates/openshell-server/src/sandbox/mod.rs.
  • Preserve the existing mount path and environment variable wiring that points sandbox code to /etc/openshell-tls/client/* so runtime behavior remains unchanged.
  • Add a unit regression test tls_secret_volume_uses_owner_read_only_mode asserting the injected TLS secret uses defaultMode: 256.
  • Run cargo fmt --all to keep formatting consistent.

Testing

  • Ran cargo test -p openshell-server tls_ which executed the added unit test plus related TLS tests and integration cases, and all ran successfully (unit tests passed and integration TLS tests succeeded).
  • Ran cargo fmt --all which completed without changes/errors.
  • Attempted mise run pre-commit but it failed in this environment due to external tool/version resolution and network/trust issues, so pre-commit automation could not be validated here.

Codex Task
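
An added example, not code from this PR or the project's repository: a check over a pod spec that flags any volume mounting the TLS secret whose effective file mode grants more than owner-read. The secret name, volume name and sample specs are constructed; the per-item `mode` override and the decimal slip (JSON `400` is octal 0620, not 0400) go beyond what the description above covers.

```python
K8S_DEFAULT_MODE = 0o644  # Kubernetes default for secret volumes when defaultMode is unset
OWNER_READ_ONLY = 0o400   # 256 decimal, the value the PR description sets

def audit_secret_volumes(pod_spec, secret_name):
    """Return (volume, location, octal mode) for each mode wider than 0400."""
    findings = []
    for vol in pod_spec.get("volumes", []):
        secret = vol.get("secret")
        if not secret or secret.get("secretName") != secret_name:
            continue
        default_mode = secret.get("defaultMode", K8S_DEFAULT_MODE)
        # A per-item `mode` overrides defaultMode, so each projected key is checked too.
        modes = {"<defaultMode>": default_mode}
        for item in secret.get("items", []):
            if "mode" in item:
                modes[item["key"]] = item["mode"]
        for where, mode in modes.items():
            if mode & ~OWNER_READ_ONLY & 0o777:
                findings.append((vol["name"], where, oct(mode)))
    return findings

def pod_with(secret_volume):
    """Build a minimal constructed pod spec around one secret volume source."""
    return {"volumes": [{"name": "tls", "secret": secret_volume}]}

SECRET = "sandbox-client-tls"  # hypothetical secret name, not taken from the PR

# Constructed sample specs (JSON form, so modes are decimal integers).
UNSET = pod_with({"secretName": SECRET})
HARDENED = pod_with({"secretName": SECRET, "defaultMode": 256})
DECIMAL_SLIP = pod_with({"secretName": SECRET, "defaultMode": 400})
ITEM_OVERRIDE = pod_with({
    "secretName": SECRET,
    "defaultMode": 256,
    "items": [{"key": "tls.key", "path": "tls.key", "mode": 420}],
})

if __name__ == "__main__":
    for label, spec in [("unset", UNSET), ("hardened", HARDENED),
                        ("decimal slip", DECIMAL_SLIP), ("item override", ITEM_OVERRIDE)]:
        print(label, audit_secret_volumes(spec, SECRET))
```
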

@drew drew added integration:aardvark Aardvark integration integration:codex Codex integration labels Mar 16, 2026
@github-actions

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:


I have read the DCO document and I hereby sign the DCO.


You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.

@johntmyers (Collaborator)

Closing in favor of consolidated re-implementation. See #350 for tracking.
